Temporal Validity Window Governance

2. Summary

Temporal Validity Window Governance requires that every data value consumed by an AI agent carry an explicit validity window — the time period during which the value is considered reliable for decision-making — and that the system enforce expiration by blocking agent use of data that has exceeded its validity window. Data is not eternally true: a credit score is valid for a defined assessment period, a market price is valid at the instant of quotation, a sanctions list entry is valid until the next list publication, and a patient's allergy record is valid until the next clinical review. Without temporal validity enforcement, agents make decisions on data that was once accurate but has since expired, treating historical snapshots as current truth.

3. Example

Scenario A — Expired Credit Score in Lending Decision: A lending agent processes mortgage applications using credit scores retrieved from a credit reference agency. The organisation's credit policy requires scores no older than 30 days. The agent caches credit scores to reduce API costs (each lookup costs £1.50). For applicant A-5523, a credit score of 720 was retrieved 47 days ago during a preliminary enquiry. The applicant's financial situation has since deteriorated — two missed payments have reduced the actual score to 631. The agent uses the cached 720 score to approve a mortgage of £285,000. Under the actual 631 score, the application would have been declined. The borrower defaults after 9 months. Loss given default: £67,000. Regulatory investigation finds the firm violated its own credit policy by using stale data, and the agent had no mechanism to enforce the 30-day validity window.

What went wrong: The cached credit score had no validity window. The agent treated a 47-day-old score as current. No expiration mechanism prevented the agent from using the stale value.

Scenario B — Stale Sanctions Data in Transaction Screening: A compliance screening agent screens transactions against a sanctions list. The list provider publishes updates every 6 hours. The agent's local copy is refreshed by a batch job scheduled every 6 hours. The batch job fails silently on a Friday evening. The agent continues screening transactions against a sanctions list that is 60 hours stale by Monday morning. During this period, 3 entities are added to the sanctions list. The agent processes 12 transactions totalling £340,000 involving one of the newly sanctioned entities. The firm discovers the failure during a Monday audit. The firm must file a suspicious activity report, notify the regulator, and investigate whether the transactions can be reversed. Regulatory penalty for inadequate screening systems: £75,000.

What went wrong: The sanctions list had no enforced validity window. The batch refresh failure was not detected because no mechanism checked whether the list was still within its validity period. The agent continued screening against stale data for 60 hours.

Scenario C — Expired Medical Data in Clinical Decision Support: A clinical decision support agent recommends medication adjustments based on patient lab results. The organisation's clinical protocol requires lab values no older than 72 hours for dosage adjustments. Patient P-3298's last potassium level was 4.2 mmol/L, measured 8 days ago. The patient has since developed acute kidney injury, and the actual potassium level is 6.1 mmol/L (dangerously elevated). The agent recommends a medication that further elevates potassium. The medication is administered before a clinician reviews the lab date. The patient develops cardiac arrhythmia requiring ICU admission for 3 days. Investigation reveals the agent used 8-day-old lab data without a validity window enforcement mechanism.

What went wrong: Lab values had no enforced temporal validity window. The agent consumed 8-day-old data in a context where 72-hour-old data was the maximum acceptable age. The clinical team trusted the agent's recommendation without independently verifying the lab date.

4. Requirement Statement

Scope: This dimension applies to all AI agents that consume time-sensitive data for decisions. The scope covers: financial market data (prices, rates, indices), reference data (sanctions lists, regulatory registers, credit scores), clinical data (lab results, vital signs, medication lists), operational data (inventory levels, sensor readings, system status), and any data whose reliability or accuracy degrades with time. The scope extends to cached data, derived data (which inherits the validity window of its most recently expired input), and data in vector stores (AG-132) where document freshness affects retrieval quality. The validity window is a property of the data value in context — the same data value may have different validity windows in different decision contexts (e.g., a credit score valid for 30 days for a mortgage decision may be valid for 90 days for a marketing segmentation decision).

4.1. A conforming system MUST assign a temporal validity window to every decision-critical data value, specifying the time period during which the value may be used for agent decisions.

4.2. A conforming system MUST validate the validity window of every decision-critical data value before the agent consumes it, blocking consumption of expired data.

4.3. A conforming system MUST treat expired data as unavailable, triggering the missing data escalation policy (AG-312) rather than allowing the agent to proceed with stale data.

4.4. A conforming system MUST log every validity check, including the data value, the validity window, the check timestamp, and the pass/expired result.

4.5. A conforming system MUST attach validity metadata (valid_from, valid_until) to every data value as intrinsic attributes, not as separable metadata.

4.6. A conforming system SHOULD define validity windows relative to the data's production timestamp and the decision context, not as a fixed system-wide duration.

4.7. A conforming system SHOULD implement proactive refresh — triggering data refresh before the validity window expires, so that fresh data is available when the current data expires.

4.8. A conforming system SHOULD monitor the ratio of expired-to-valid data access attempts as a system health metric, alerting when the ratio exceeds a defined threshold (indicating systemic refresh failures).

4.9. A conforming system MAY implement grace periods for soft expiration, where data within a short grace period beyond the validity window is usable with a reduced-confidence flag, before hard expiration blocks access entirely.

5. Rationale

All data is temporal. A market price is valid at the instant it was quoted. A credit score reflects creditworthiness at the time it was computed. A lab result measures a patient's condition at the time the sample was taken. A sanctions list reflects regulatory status at the time of publication. The passage of time erodes the reliability of every data value, at rates that depend on the data type and the decision context.

Human decision-makers intuitively apply temporal validity. A doctor reviewing lab results checks the collection date. A trader looks at the timestamp on a price quote. A compliance officer verifies the sanctions list publication date. AI agents have no such intuition — they consume data values without temporal context unless that context is explicitly provided and enforced.

The risk of stale data in AI agent systems is amplified by three factors. First, agents operate continuously and autonomously — they do not have natural pause points where a human would check timestamps. Second, caching is pervasive in agent systems for performance and cost reasons, creating a structural incentive to use stale data. Third, agents process data at volume — a human reviewing 10 applications per day might notice a stale credit score; an agent processing 10,000 per day processes stale and fresh scores identically.

Temporal validity window governance addresses this by making time-sensitivity explicit and enforceable. Each data value carries its validity period as intrinsic metadata. The data access layer checks validity before delivery to the agent. Expired data is treated as unavailable, triggering the same escalation paths as missing data (AG-312). This creates a clean governance chain: AG-309 ensures the right source; AG-311 ensures sufficient quality; AG-316 ensures sufficient freshness; and AG-312 governs what happens when any of these checks fail.

The context-dependency of validity windows deserves emphasis. A credit score that is 25 days old may be acceptable for a marketing segmentation decision but unacceptable for a mortgage lending decision. The validity window is not a property of the data alone — it is a property of the data-in-context. This means validity windows must be configurable per decision context, not merely per data field.

6. Implementation Guidance

Temporal validity governance requires three components: validity metadata (every value carries its temporal bounds), validity enforcement (the data access layer checks validity before delivery), and expiration response (expired data triggers escalation per AG-312).

Validity metadata structure should include: valid_from (the timestamp from which the data is considered valid — typically the production or observation timestamp), valid_until (the timestamp after which the data should not be used for the specified decision context), and optionally a grace_until (a soft expiration allowing reduced-confidence use before hard expiration). These timestamps should be in UTC using ISO 8601 format.

Validity window definition should be maintained as a governed configuration, specifying for each combination of data field and decision context: the maximum age (time from valid_from to valid_until), the grace period (if applicable), and the refresh strategy (on-demand, scheduled, or proactive).

Example validity window definitions:

• Credit score + mortgage decision: max age 30 days, no grace period, proactive refresh at 25 days
• Sanctions list + transaction screening: max age 6 hours, grace period 30 minutes, scheduled refresh every 6 hours with retry on failure
• Equity price + portfolio valuation: max age 60 seconds after market close, no grace period, continuous feed with staleness detection
• Patient lab result + dosage adjustment: max age 72 hours, no grace period, no proactive refresh (clinician orders new labs)

Recommended patterns:

• Validity-stamped value objects. Extend the typed value objects from AG-314 to include validity metadata:

``json { "value": 720, "unit": "credit_score_points", "valid_from": "2026-02-11T14:30:00Z", "valid_until": "2026-03-13T14:30:00Z", "source": "experian-api-v3" } `` The data access layer rejects any value object where the current timestamp exceeds valid_until.

• Time-aware cache with automatic expiration. Configure data caches with TTL (time-to-live) values derived from the validity window configuration. When a cached value's TTL expires, the cache entry is invalidated, and the next access attempt triggers a fresh retrieval from the authoritative source (AG-309). If the fresh retrieval fails, the access is treated as missing data (AG-312). This prevents stale cache entries from persisting indefinitely.
• Proactive refresh scheduler. A background scheduler monitors validity windows across all cached data. When a value approaches its expiration (e.g., at 80% of its validity window), the scheduler proactively retrieves a fresh value from the authoritative source. If the refresh succeeds, the cache is updated seamlessly. If it fails, an alert is generated before the data expires, giving operators time to intervene.

Anti-patterns to avoid:

• Infinite validity by default. Data stored without validity metadata is implicitly valid forever. This is the most common anti-pattern — organisations cache data without TTLs, and the cache becomes a source of unbounded staleness.
• System-wide TTL without context. Applying a single cache TTL to all data regardless of decision context. A 24-hour TTL may be appropriate for reference data but catastrophically stale for market prices. Validity windows must be context-aware.
• Validity in the cache layer only. Implementing TTL in the cache but not in the data access layer. If the cache is bypassed (direct database query, backup restoration, data migration), stale data can reach the agent without validity checks.
• Clock skew tolerance. In distributed systems, clock differences between the data producer, the cache layer, and the agent can cause validity checks to pass or fail incorrectly. The implementation must account for clock synchronisation tolerances (NTP should ensure sub-second accuracy in most environments).
• Treating expired data as low-quality rather than unavailable. Allowing agents to consume expired data with a "stale" flag rather than blocking access. This creates a risk that the agent treats stale data as usable but slightly less reliable, when in fact the data may be dangerously outdated.

Industry Considerations

Financial Services. Market data freshness is governed by exchange rules and best execution requirements. Pricing data used for trade execution is typically valid for seconds. End-of-day pricing for valuation is valid until the next market close. Reference data (LEI, ISIN registries) is valid until the next publication date. Regulatory reporting requires data as-of specific cut-off timestamps.

Healthcare. Clinical data validity is governed by clinical protocols. Lab results for acute care decisions may have validity windows of hours. Medication lists require review frequency defined by care context. Allergy data is typically valid until the next clinical encounter where allergies are reviewed. National guidance (e.g., NICE) may specify validity periods for specific data types.

Safety-Critical Systems. Sensor data in industrial control contexts may have validity windows of seconds or milliseconds. A temperature reading that is 30 seconds old in a rapid chemical process may represent a dangerous state that has already changed. Validity windows for safety-critical data should be calibrated to the physical time constants of the processes being monitored.

Maturity Model

Basic Implementation — The organisation has defined validity windows for decision-critical data values in its primary agent data sources. Validity metadata is attached to cached data. The data access layer checks validity before delivering data to agents. Expired data triggers missing data escalation (AG-312). Validity window configurations are documented.

Intermediate Implementation — Validity windows are context-aware — the same data field has different validity periods depending on the decision context. Proactive refresh minimises expiration events. The expired-to-valid access ratio is monitored as a system health metric. Validity metadata is stored as intrinsic attributes, not separable cache metadata. All validity checks are logged.

Advanced Implementation — All intermediate capabilities plus: validity enforcement has been verified through adversarial testing including cache poisoning, timestamp manipulation, and validity bypass attacks. The organisation can demonstrate for any historical decision that all consumed data was within its validity window at the time of consumption. Dynamic validity windows adjust based on market conditions or operational context (e.g., shorter validity windows during high-volatility periods).

7. Evidence Requirements

Required artefacts:

• Validity window definitions. The versioned configuration of validity windows for all decision-critical data values, specifying field, decision context, maximum age, grace period (if applicable), and refresh strategy.
• Validity check logs. Timestamped records of all validity checks, including data value identifier, validity window, check timestamp, and pass/expired result. Minimum 12 months retention.
• Expired data event records. Records of all expired data events including the data field, the expiration time, the agent decision that was blocked or escalated, and the resolution (data refreshed, decision deferred, human review).
• Proactive refresh performance metrics. Records showing the percentage of data values refreshed before expiration versus those that expired before refresh.

Retention requirements:

• Validity window definitions and check logs: minimum 7 years for regulated financial services; minimum 5 years for other regulated sectors; minimum 3 years otherwise.

Access requirements:

• Producible to regulators or auditors within 48 hours of request.

8. Test Specification

Test 8.1: Expired Data Blocking

• Stimulus: Cache a decision-critical data value. Allow its validity window to expire. Attempt to use the expired value in an agent decision.
• Expected behaviour: The data access layer detects the expired validity window and blocks the value from reaching the agent. The missing data escalation policy (AG-312) is triggered.
• Pass criteria: The agent does not consume the expired value. The escalation action is logged.
• Fail criteria: The agent consumes and acts on expired data.

Test 8.2: Validity Window Precision

• Stimulus: Submit a decision request at the exact moment a data value's validity window expires (boundary test). Submit one request 1 second before expiration and one request 1 second after.
• Expected behaviour: The pre-expiration request succeeds. The post-expiration request is blocked.
• Pass criteria: The boundary is precise — no data is consumed after the valid_until timestamp. Clock synchronisation is accounted for.
• Fail criteria: Data is consumed after the valid_until timestamp, or valid data is incorrectly blocked before expiration.

Test 8.3: Context-Aware Validity Windows

• Stimulus: Request the same data value in two different decision contexts with different validity windows (e.g., credit score for mortgage decision with 30-day validity vs. marketing segmentation with 90-day validity). Test with a data value that is 45 days old.
• Expected behaviour: The mortgage context rejects the value (expired beyond 30 days). The marketing context accepts it (within 90 days).
• Pass criteria: The same data value receives different validity evaluations based on decision context.
• Fail criteria: Both contexts apply the same validity window, or context is not considered.

Test 8.4: Proactive Refresh Effectiveness

• Stimulus: Configure a proactive refresh at 80% of the validity window. Monitor whether the refresh occurs before expiration.
• Expected behaviour: The refresh is triggered at or before 80% of the validity window. Fresh data is available before expiration.
• Pass criteria: At least 95% of proactive refreshes complete before the validity window expires.
• Fail criteria: Proactive refresh fails to trigger, or the refresh does not complete before expiration.

Test 8.5: Validity Metadata Tampering Resistance

• Stimulus: Attempt to extend the valid_until timestamp of a cached value through agent output, direct cache manipulation, or API request parameter modification.
• Expected behaviour: Validity metadata is immutable once set. Extensions require fresh data retrieval from the authoritative source.
• Pass criteria: No external process extends a validity window without re-retrieval from the authoritative source.
• Fail criteria: Validity windows can be extended through manipulation.

Conformance Scoring

• Score 0: No temporal validity windows exist — agents consume cached or stored data regardless of age.
• Score 1: Validity windows are defined but enforced only through cache TTLs, not at the data access layer — bypass routes exist.
• Score 2: Validity windows are enforced at the data access layer with context-aware durations, intrinsic validity metadata, and comprehensive logging. Expired data triggers AG-312 escalation.
• Score 3: Verified by independent adversarial testing — cache poisoning, timestamp manipulation, and validity bypass attacks have been attempted and failed. Proactive refresh and dynamic validity windows are operational.

9. Regulatory Mapping

Regulation	Provision	Relationship Type
EU AI Act	Article 10 (Data and Data Governance)	Supports compliance
BCBS 239	Principle 5 (Timeliness)	Direct requirement
FCA CONC	5.2A (Creditworthiness Assessment)	Direct requirement
MiFID II	Article 27 (Best Execution)	Supports compliance
HIPAA	§164.312(c) (Integrity Controls)	Supports compliance
NIST AI RMF	MANAGE 2.2, MEASURE 2.5	Supports compliance
ISO 42001	Clause 8.4 (AI System Operation)	Supports compliance

BCBS 239 — Principle 5 (Timeliness)

Principle 5 requires that risk data aggregation be timely, with data available within defined timeframes. For AI agents used in risk functions, timeliness means that the data consumed for risk calculations is within its validity window. Stale risk data — a position that was accurate yesterday but not today — undermines the timeliness principle. AG-316 ensures that risk data consumed by agents meets defined timeliness requirements.

FCA CONC — 5.2A (Creditworthiness Assessment)

Creditworthiness assessments must be based on current information. A credit score from 47 days ago (Scenario A) does not represent current creditworthiness. AG-316 enforces the temporal boundaries that ensure lending agents use data of acceptable recency.

MiFID II — Article 27 (Best Execution)

Best execution requires timely market data. Stale pricing data used for execution decisions violates best execution obligations because the firm is not acting on the most current available information. AG-316 enforces freshness requirements on market data consumed by trading and execution agents.

HIPAA — §164.312(c) (Integrity Controls)

Integrity controls require that electronic protected health information not be improperly altered or destroyed. While not directly addressing staleness, the use of outdated clinical data for patient care decisions can be considered an integrity concern — the data no longer accurately represents the patient's current condition. AG-316 supports clinical data integrity by ensuring agents use data within clinically appropriate validity windows.

10. Failure Severity

Field	Value
Severity Rating	High (Critical in safety-critical and real-time financial contexts)
Blast Radius	Decision-specific — affects individual decisions made on expired data, but systemic when a refresh failure causes widespread staleness

Consequence chain: Agents consume data past its validity window, treating historical snapshots as current truth. The consequences depend on the rate of change in the underlying reality. In slowly changing domains (reference data), staleness may cause minor discrepancies. In rapidly changing domains (market prices, clinical vital signs, sanctions lists), staleness can cause severe outcomes. In Scenario A, a 47-day-old credit score caused a £67,000 loan loss. In Scenario B, a 60-hour-old sanctions list caused £340,000 in transactions with a sanctioned entity and a £75,000 regulatory penalty. In Scenario C, 8-day-old lab results contributed to a cardiac emergency requiring ICU admission. The systemic risk materialises when a batch refresh job fails silently (Scenario B) — every agent consuming that data source operates on stale data simultaneously, amplifying the impact across all decisions until the failure is detected.

Cross-references: AG-309 (Authoritative Source Register Governance) identifies the source from which fresh data should be retrieved when cached data expires. AG-311 (Data Quality Threshold Enforcement Governance) — freshness is a data quality dimension; AG-316 provides granular, context-aware freshness enforcement beyond AG-311's threshold approach. AG-312 (Missing Data Escalation Governance) — expired data is treated as unavailable, triggering AG-312 escalation. AG-317 (Derived Data Provenance Governance) — derived values inherit the earliest expiration of their contributing values. AG-133 (Source Record Lineage) — temporal validity metadata forms part of the lineage record. AG-006 (Tamper-Evident Record Integrity) — validity metadata must be tamper-evident to prevent validity window extension attacks.