Cross-System Trace Correlation Governance

2. Summary

Cross-System Trace Correlation Governance requires that organisations operating AI agents across multiple systems, services, tools, and infrastructure layers implement and maintain a governed correlation framework that enables any event — an agent decision, a tool invocation, a user interaction, an infrastructure failure — to be traced end-to-end across every system it touches, with a single correlation identifier linking the complete chain. AI agents are inherently multi-system actors: a single agent action may traverse an orchestration layer, invoke three external tools, query two databases, call an inference endpoint, log to a telemetry pipeline, and trigger a downstream workflow — each in a different system with different logging formats. Without governed cross-system trace correlation, the causal chain is fragmented, forensic investigation degrades to manual log correlation across systems, root cause analysis fails, and the organisation cannot reconstruct the full sequence of events that led to an incident. This dimension mandates the structural, operational, and evidentiary requirements for maintaining trace correlation integrity across system boundaries.

3. Example

Scenario A — Orphaned Trace Segments Conceal Root Cause: A financial-value agent processes a portfolio rebalancing request. The operation spans 7 systems: the user interface, the orchestration service, the market data provider, the risk assessment engine, the order management system, the execution venue gateway, and the settlement system. Each system generates trace data using its own identifier scheme. The orchestration service passes a correlation identifier to 5 of the 7 systems, but the market data provider and the settlement system do not accept the incoming correlation identifier — the market data provider uses a proprietary request identifier, and the settlement system generates its own internal transaction reference. When the rebalancing produces an incorrect allocation that overweights a single sector by £340,000, the incident investigation team can trace the operation through 5 systems but cannot determine whether the root cause was incorrect market data (in the uncorrelated market data provider) or a settlement timing issue (in the uncorrelated settlement system). The investigation takes 14 days instead of 2, requires manual log correlation by three engineers, and ultimately cannot conclusively identify the root cause. The remediation is a broad defensive fix that addresses both hypotheses at a cost of £185,000, when the actual root cause — a stale market data cache — could have been fixed for £12,000 if the trace had been complete.

What went wrong: Two of seven systems in the transaction chain did not participate in the correlation framework. The correlation identifier was not propagated across all system boundaries. The organisation had no governance requirement that all systems in an agent's operational path accept and propagate a common correlation identifier. The forensic investigation was crippled by the trace gap, multiplying both investigation time and remediation cost.

Scenario B — Clock Skew Destroys Event Ordering: An enterprise workflow agent orchestrates a procurement approval process involving 4 systems deployed across 3 geographic regions: a request management system in London, an approval routing service in Frankfurt, a compliance checking service in Singapore, and a payment execution system in New York. All four systems accept and propagate the same correlation identifier. However, the Singapore compliance service's clock is 3.7 seconds ahead of the London system's clock due to an NTP synchronisation failure. When the compliance service logs a "compliance check passed" event at timestamp T, the London system logs a "request submitted for compliance check" event at timestamp T+2.1 (which is actually 1.6 seconds before the compliance check, not 2.1 seconds after). The resulting trace shows compliance approval before the request was submitted — a logically impossible sequence. During an audit, the auditor identifies this temporal impossibility and flags the compliance check as potentially fabricated. The investigation to prove the check was legitimate (merely misordered by clock skew) takes 4 weeks and requires engagement with 3 infrastructure teams. The auditor issues a qualified finding for inadequate logging integrity. The organisation incurs £78,000 in audit response costs and faces a follow-up regulatory inquiry.

What went wrong: The correlation identifier was propagated correctly, but the time synchronisation across systems was not validated. Event ordering within the correlated trace was corrupted by clock skew, making the trace logically inconsistent. The organisation had correlation without temporal integrity — the events were linked but their ordering was unreliable. This violated the fundamental purpose of a trace: to reconstruct the causal sequence of events.

Scenario C — Identifier Collision Creates False Correlation: A customer-facing agent platform processes 2.8 million interactions per day. The correlation identifier is generated as a 64-bit random integer, providing a theoretical namespace of 1.8 x 10^19 unique values. However, due to a weak random number generator in one of the contributing systems, the effective identifier space is reduced to 2^32 (approximately 4.3 billion) values. At 2.8 million interactions per day, the birthday paradox predicts an identifier collision approximately every 18 days. A collision occurs: two unrelated customer interactions — one a routine product inquiry and the other a complaint involving a regulatory escalation — share the same correlation identifier. The regulatory escalation trace is contaminated with events from the product inquiry, and the product inquiry trace includes events from the regulatory escalation. When the regulator requests the trace for the escalation, the organisation produces a trace containing interspersed events from an unrelated interaction. The regulator interprets this as evidence of log tampering. The remediation requires a full trace integrity audit costing £230,000 and a system-wide identifier migration.

What went wrong: The correlation identifier namespace was insufficient for the deployment's throughput. The identifier generation used a weak random number generator in one system, dramatically reducing the effective namespace. No governance required validation of identifier uniqueness guarantees across the full correlation scope. The resulting collision corrupted two traces and created a regulatory credibility crisis.

4. Requirement Statement

Scope: This dimension applies to every AI agent deployment where the agent's operational path — from user request to final response or action — traverses more than one system, service, tool, or infrastructure component. "System" is defined broadly: any independently deployed software component with its own logging, its own process boundary, or its own data store constitutes a system for the purposes of this dimension. A single agent invocation that queries a vector database, calls an inference endpoint, and logs to a telemetry pipeline traverses at least three systems. The scope includes all systems in the agent's direct operational path (systems the agent invokes or interacts with) and indirect support systems (infrastructure components that participate in request processing, such as load balancers, service meshes, message queues, and API gateways). The scope extends to third-party systems and external APIs where the organisation has the contractual or technical ability to propagate correlation identifiers. Where third-party systems cannot accept correlation identifiers, the boundary mapping requirements of this dimension still apply — the organisation must document the correlation boundary and implement bridge mechanisms to maintain trace continuity.

4.1. A conforming system MUST assign a globally unique correlation identifier to every agent operation at its point of origin and propagate that identifier across every system boundary in the operation's execution path, ensuring that all events generated by the operation across all systems can be retrieved and ordered using the single correlation identifier.

4.2. A conforming system MUST use correlation identifiers with sufficient namespace to guarantee a collision probability below 10^-15 for the deployment's operational throughput over its expected lifetime, using cryptographically strong random number generation for identifier creation.

4.3. A conforming system MUST validate time synchronisation across all systems participating in the correlation framework, ensuring that clock deviation between any two systems does not exceed a defined maximum (recommended: 50 milliseconds for co-located systems, 500 milliseconds for geographically distributed systems), aligned with AG-412 requirements.

4.4. A conforming system MUST maintain a correlation boundary map — a documented inventory of all system boundaries in each agent's operational path, specifying for each boundary: whether the correlation identifier is propagated, the propagation mechanism, and any identifier translation or bridging required.

4.5. A conforming system MUST implement correlation completeness validation that detects orphaned trace segments — events that reference a correlation identifier but are not connected to the full trace — and gaps in the expected trace sequence, triggering alerts when correlation completeness falls below a defined threshold (recommended: 99.5% of traces are complete across all systems).

4.6. A conforming system MUST ensure that every system in the correlation framework logs the correlation identifier in a consistent, queryable format, enabling cross-system trace retrieval through a single query against a unified trace store or a federated query across system-specific stores.

4.7. A conforming system SHOULD implement hierarchical correlation that supports both a top-level operation identifier (linking the entire end-to-end operation) and child span identifiers (linking sub-operations within individual systems), enabling both coarse-grained end-to-end tracing and fine-grained per-system analysis.

4.8. A conforming system SHOULD implement automated trace assembly that reconstructs the complete, time-ordered event sequence for any correlation identifier on demand, resolving any clock skew adjustments and identifier translations automatically.

4.9. A conforming system SHOULD implement correlation health monitoring that continuously measures correlation completeness rates, identifier propagation success rates, and time synchronisation compliance across all system boundaries, surfacing degradation before it affects forensic capability.

4.10. A conforming system MAY implement predictive trace analysis that identifies operations likely to produce incomplete traces (based on the systems involved and their historical correlation reliability) and applies enhanced logging or synchronous trace verification for those operations.

5. Rationale

AI agents are fundamentally distributed systems actors. Unlike traditional software where a single request may be processed within a single service boundary, an AI agent operation routinely spans multiple systems: orchestration frameworks, tool-use APIs, inference endpoints, vector databases, memory stores, action execution environments, and downstream enterprise systems. Each system generates its own logs and events. Without a governed correlation framework, these per-system event streams are isolated islands of information. The organisation can see what happened within each system but cannot reconstruct what happened across systems — and it is the cross-system story that matters for governance, forensics, and accountability.

The governance imperative for cross-system trace correlation is driven by three requirements. First, incident investigation. When an agent produces an incorrect, harmful, or non-compliant output, the organisation must reconstruct the complete causal chain: what input was received, what tools were invoked, what data was retrieved, what inference was performed, what actions were executed, and what downstream effects resulted. This reconstruction requires events from multiple systems to be linked and ordered. Without correlation, investigators must manually search logs across systems using heuristic matching (approximate timestamps, similar payloads, guessed relationships) — a process that is slow, error-prone, and often inconclusive. Second, regulatory compliance. Multiple regulatory frameworks require demonstrable traceability of AI system operations. The EU AI Act Article 12 mandates logging that enables monitoring; DORA Article 11 requires response and recovery procedures that depend on reconstructing what happened. Regulators expect that when they request the trace for a specific operation, the organisation can produce a complete, coherent, time-ordered sequence of events across all involved systems. A fragmented trace that covers 5 of 7 systems is not compliant. Third, accountability. AG-398 (Cross-Agent Blame Attribution Governance) requires the ability to determine which component caused a failure. Blame attribution depends on trace correlation — without it, blame cannot be assigned because the causal chain is incomplete.

The interaction with AG-412 (Time Synchronisation Validation Governance) is critical. Correlation without temporal integrity is correlation in name only. Events linked by a correlation identifier but disordered by clock skew produce traces that are logically inconsistent — showing effects before causes, responses before requests, or approvals before submissions. Such traces are worse than incomplete traces because they actively mislead investigators. AG-412 provides the temporal foundation; AG-418 provides the structural correlation that makes temporal ordering meaningful.

The correlation challenge is compounded in multi-agent architectures where one agent delegates to another, in swarm configurations where multiple agents collaborate, and in hybrid deployments where cloud-based agents interact with edge-deployed agents. Each of these patterns introduces additional system boundaries, each of which is a potential correlation failure point. The governance requirement scales with architectural complexity — more system boundaries demand more rigorous correlation governance.

The economic argument is also compelling. Scenario A illustrates that incomplete correlation multiplies investigation costs by an order of magnitude (14 days versus 2 days, £185,000 versus £12,000 remediation). Across an organisation with dozens of agents and hundreds of incidents per year, the cost of inadequate correlation governance is measured in millions — not in the correlation infrastructure itself, but in the downstream investigation and remediation costs that poor correlation creates.

6. Implementation Guidance

Cross-System Trace Correlation Governance requires a combination of infrastructure standards (identifier format, propagation protocol), operational practices (boundary mapping, completeness monitoring), and forensic capabilities (trace assembly, temporal ordering). The implementation must address both the steady-state requirement (correlation works correctly during normal operations) and the forensic requirement (correlation enables effective investigation after an incident).

Recommended patterns:

• Standard correlation identifier format. Adopt a standardised identifier format with sufficient namespace and structural properties. A 128-bit identifier (equivalent to UUID v4 or similar) provides a namespace of 3.4 x 10^38 values, ensuring collision probability below 10^-15 for any practical throughput. The identifier should be generated using a cryptographically secure random number generator at the operation's point of origin. All systems in the correlation framework must accept, log, and propagate identifiers in this format. Where legacy systems cannot accept the standard format, implement identifier bridge services that maintain a bidirectional mapping between the standard identifier and the legacy system's native identifier.
• Context propagation protocol. Implement a standard context propagation mechanism across all system boundaries. The correlation identifier (and any hierarchical span identifiers) must be transmitted in a consistent location across all communication protocols used in the agent's operational path: HTTP headers for REST APIs, message metadata for message queues, gRPC metadata for gRPC calls, and trace context fields for infrastructure components. The propagation protocol should follow established standards where applicable. The key requirement is consistency: every system boundary must use the same propagation mechanism, and every system must extract and re-inject the identifier on inbound and outbound communications.
• Correlation boundary mapping. Maintain a live inventory of every system boundary in each agent's operational path. For each boundary, document: the systems on each side, the communication protocol, the propagation mechanism, whether correlation identifiers are actively propagated, and any known limitations. This map is the governance artefact that enables completeness analysis — without it, the organisation cannot determine whether all boundaries are covered. The map should be validated against actual trace data periodically, identifying boundaries where propagation is documented but not functioning, and boundaries that exist in practice but are not documented.
• Unified trace store with federated query. Implement a centralised trace store or a federated query layer that can retrieve all events for a given correlation identifier across all participating systems. Investigators should not need to query multiple system-specific log stores manually. The trace store should support: query by correlation identifier, query by time range and system, query by agent identifier, and composite queries combining multiple criteria. Trace assembly should automatically order events by corrected timestamp (adjusting for known clock skew per AG-412).
• Correlation completeness monitoring. Continuously measure what percentage of traces are complete — meaning events exist in every system that the operation is expected to traverse, based on the correlation boundary map and the operation's type. Completeness can be validated by comparing the set of systems that logged events for a correlation identifier against the expected set of systems for that operation type. Traces that are missing events from one or more expected systems are flagged as incomplete. The completeness rate should be monitored as a key operational metric with alerting when it falls below the defined threshold.
• Hierarchical span structure. Implement a parent-child span hierarchy within each trace. The top-level correlation identifier links the entire end-to-end operation. Within each system, child spans capture individual sub-operations (database queries, tool invocations, inference calls). Each child span references both the top-level correlation identifier and its parent span, creating a tree structure that enables both end-to-end tracing and per-system drill-down. This hierarchy is essential for diagnosing performance issues and understanding the internal behaviour of each system within the broader trace.

Anti-patterns to avoid:

• Correlation by convention rather than enforcement. Relying on each system team to voluntarily implement correlation identifier propagation without infrastructure-level enforcement. Voluntary adoption produces inconsistent coverage — some systems propagate identifiers, others do not, and the organisation discovers the gaps only during incident investigation when the trace is incomplete.
• Per-system identifier schemes without translation. Allowing each system to use its own identifier scheme without implementing bidirectional mapping. This creates identifier fragmentation — the same operation has different identifiers in different systems, and no automated mechanism links them. Manual correlation by timestamp or payload matching is fragile and does not scale.
• Correlation without temporal validation. Implementing identifier propagation without validating time synchronisation. Correlated events with inconsistent timestamps produce traces that are linked but misordered. Investigators cannot determine causal sequence, and auditors may flag temporal impossibilities as evidence of log tampering. Correlation and time synchronisation must be co-governed.
• Point-in-time boundary mapping. Documenting the correlation boundary map once and never updating it. Agent operational paths change as new tools are integrated, new services are deployed, and infrastructure is modified. Each change potentially introduces a new system boundary that may or may not participate in the correlation framework. The boundary map must be a living artefact updated with every architectural change.
• Overreliance on sampling for trace completeness. Assuming that sampled traces (per AG-417) provide sufficient correlation coverage. If cross-system trace correlation is sampled and one system drops an event that another system retains, the resulting partial trace is misleading. Critical operations should have guaranteed full-capture traces across all systems.

Industry Considerations

Financial Services. Financial transaction chains must be fully traceable across all systems for regulatory compliance, audit, and dispute resolution. MiFID II transaction reporting requires that firms can reconstruct the complete lifecycle of a transaction, from order receipt through execution to settlement. Cross-system trace correlation is the technical foundation for this requirement. Trade surveillance systems depend on correlated traces to detect market abuse patterns that span multiple systems. Any correlation gap in the transaction chain creates a regulatory exposure.

Healthcare. Clinical decision support agents that interact with electronic health records, laboratory systems, pharmacy systems, and imaging archives must maintain correlation across all systems to support clinical audit trails, adverse event investigation, and regulatory compliance. A clinical trace that covers the decision support agent but not the pharmacy system cannot demonstrate that the correct medication was dispensed based on the agent's recommendation.

Public Sector. Government agents making decisions affecting citizens' rights must maintain complete, tamper-evident traces that can withstand judicial scrutiny. Administrative law principles require that every step in a decision process be documented and reviewable. Cross-system trace correlation enables this by linking the citizen's request, the data retrieved, the rules applied, the decision made, and the notification sent — even when these steps occur in different government systems.

Crypto and Web3. Decentralised agent architectures present extreme correlation challenges. Agents interacting with multiple blockchain networks, decentralised exchanges, and off-chain services must maintain correlation across systems that may not share trust assumptions or infrastructure. Bridge protocols between chains are particularly critical correlation boundaries — events on one chain must be correlated with events on another through the bridge.

Maturity Model

Basic Implementation — A standard correlation identifier format is defined and propagated across all systems in the agent's direct operational path. A correlation boundary map exists and is updated when architectural changes occur. All systems log the correlation identifier in a queryable format. Time synchronisation is validated per AG-412. Cross-system trace retrieval is possible through manual queries against individual system stores. Correlation completeness is measured periodically. This level meets the mandatory requirements and enables basic cross-system forensic investigation.

Intermediate Implementation — All basic capabilities plus: a unified trace store or federated query layer enables single-query trace retrieval across all systems. Hierarchical span structure supports both end-to-end and per-system analysis. Automated trace assembly reconstructs time-ordered event sequences on demand, with clock skew correction. Correlation completeness is monitored continuously with alerting when it falls below threshold. The boundary map is validated against actual trace data quarterly. Third-party system boundaries are documented with bridge mechanisms where possible.

Advanced Implementation — All intermediate capabilities plus: correlation health monitoring provides real-time visibility into propagation success rates and completeness across all system boundaries. Predictive trace analysis identifies operations likely to produce incomplete traces and applies enhanced logging. The organisation can demonstrate through testing that any operation across any agent can be fully reconstructed from the trace store within minutes. Correlation infrastructure is independently audited. Real-time dashboards show correlation completeness, propagation latency, and temporal consistency metrics across the entire agent deployment.

7. Evidence Requirements

Required artefacts:

• Correlation identifier specification. Documentation defining the identifier format, namespace size, generation mechanism (including the random number generator specification), and uniqueness guarantees. Must include the collision probability analysis for the deployment's throughput.
• Correlation boundary map. The current inventory of all system boundaries in each agent's operational path, specifying: systems on each side, communication protocol, propagation mechanism, propagation status (active/bridged/unsupported), and any known limitations. Must be dated and version-controlled.
• Correlation completeness metrics. Historical records of correlation completeness rates — the percentage of traces that are complete across all expected systems — over a minimum trailing period of 90 days. Must show the measurement methodology and the completeness threshold.
• Time synchronisation validation records. Evidence that time synchronisation across all systems in the correlation framework has been validated per AG-412, including the measured clock deviation at each system boundary. Cross-referenced with the correlation boundary map.
• Trace retrieval demonstration. A documented demonstration (or test result) showing that given a correlation identifier, the complete trace can be retrieved across all participating systems, with events ordered by corrected timestamp. Must include at least 3 examples covering different agent operation types.
• Identifier bridge documentation. For each system boundary where the standard correlation identifier cannot be propagated natively, documentation of the bridge mechanism, the bidirectional mapping, and the mapping retention period.

Retention requirements:

• Correlation boundary maps and identifier specifications: minimum 7 years for regulated financial services; minimum 5 years for other regulated sectors; minimum 3 years otherwise.
• Correlation completeness metrics: minimum 24 months of rolling history for trend analysis.
• Individual traces: retention aligned with AG-410 requirements for the relevant event criticality tier.

Access requirements:

• Producible to regulators or auditors within 48 hours of request. Trace retrieval for any specific correlation identifier must be achievable within 4 hours of request during business hours. The correlation boundary map must be current within 30 days.

8. Test Specification

Test 8.1: End-to-End Correlation Identifier Propagation

• Stimulus: Initiate 100 agent operations that each traverse the full operational path (all systems documented in the correlation boundary map). For each operation, verify that the originating correlation identifier is present in the event logs of every participating system.
• Expected behaviour: The correlation identifier assigned at the point of origin appears in the logs of every system the operation traverses.
• Pass criteria: 99% or more of the 100 operations (at least 99) have the correlation identifier present in every participating system's logs. Zero operations have the identifier missing from more than one system.
• Fail criteria: More than 1 operation has the identifier missing from any system, or any operation has the identifier missing from more than one system.

Test 8.2: Identifier Uniqueness and Collision Resistance

• Stimulus: Generate 10 million correlation identifiers using the production identifier generation mechanism. Check for duplicates. Additionally, verify that the random number generator passes a standard statistical randomness test (e.g., NIST SP 800-22 or equivalent).
• Expected behaviour: Zero duplicates in 10 million identifiers. The random number generator passes the randomness test.
• Pass criteria: Zero duplicate identifiers. Randomness test passes at 99% confidence level. Namespace analysis confirms collision probability below 10^-15 at maximum expected throughput.
• Fail criteria: Any duplicate identifier is found, or the randomness test fails, or the collision probability analysis shows probability above 10^-12 at maximum expected throughput.

Test 8.3: Temporal Ordering Integrity

• Stimulus: Execute 50 agent operations spanning at least 3 geographically distributed systems. Retrieve the correlated trace for each operation. Verify that the event ordering is logically consistent — no effect appears before its cause (e.g., a response logged before its request, an approval logged before its submission).
• Expected behaviour: All 50 traces show logically consistent temporal ordering after clock skew correction.
• Pass criteria: 100% of traces (50 of 50) show logically consistent event ordering. No temporal impossibilities exist in any trace.
• Fail criteria: Any trace contains a temporal impossibility (an effect before its cause) that is not explained by documented clock skew within the accepted tolerance.

Test 8.4: Correlation Completeness Detection

• Stimulus: Deliberately introduce correlation gaps by disabling identifier propagation at one system boundary for 50 test operations. Verify that the correlation completeness monitoring system detects the incomplete traces and triggers an alert.
• Expected behaviour: The monitoring system identifies the 50 incomplete traces and fires a completeness alert within the defined alerting window.
• Pass criteria: At least 48 of 50 incomplete traces (96%) are detected by the monitoring system. A completeness alert fires within one alerting evaluation window of the threshold breach.
• Fail criteria: Fewer than 45 of 50 incomplete traces are detected, or no alert fires within two alerting evaluation windows.

Test 8.5: Cross-System Trace Retrieval

• Stimulus: Select 20 historical correlation identifiers representing different operation types (e.g., simple tool call, multi-tool orchestration, human-in-the-loop workflow, cross-agent delegation). For each identifier, execute a trace retrieval request through the unified trace store or federated query layer. Measure retrieval time and completeness.
• Expected behaviour: Complete traces are retrieved for all 20 operations. Retrieval time is within the defined SLA (recommended: under 30 seconds for operations less than 24 hours old, under 5 minutes for older operations).
• Pass criteria: Complete traces retrieved for at least 19 of 20 operations (95%). Retrieval time within SLA for all successful retrievals.
• Fail criteria: Complete traces retrieved for fewer than 18 of 20 operations, or retrieval time exceeds SLA for more than 2 operations.

Test 8.6: Identifier Bridge Integrity

• Stimulus: For each system boundary where an identifier bridge translates between the standard correlation identifier and a legacy system's native identifier, execute 100 operations. Verify that the bridge correctly maintains bidirectional mapping — the standard identifier can be used to retrieve events from the legacy system, and the legacy identifier can be used to retrieve the standard identifier.
• Expected behaviour: Bidirectional mapping is maintained for all 100 operations across all bridge boundaries.
• Pass criteria: 99% or more of operations (at least 99 of 100) have correct bidirectional mapping at every bridge. Zero operations are completely unmappable.
• Fail criteria: More than 1% of operations have broken bidirectional mapping at any bridge, or any operation is completely unmappable.

Test 8.7: Boundary Map Accuracy Validation

• Stimulus: Execute 200 agent operations across all documented agent types. For each operation, record which systems actually received the correlation identifier (based on log evidence). Compare the set of systems that actually participated in correlation against the set documented in the correlation boundary map for that operation type.
• Expected behaviour: The actual correlation path matches the documented boundary map. Systems documented as participating in correlation are confirmed by log evidence. No undocumented systems appear in the correlation path.
• Pass criteria: 95% or more of operations have an actual correlation path that matches the documented boundary map exactly. Any discrepancies are limited to systems documented as "unsupported" or "optional."
• Fail criteria: More than 10% of operations have a correlation path that differs from the documented boundary map, or any system documented as "active" fails to appear in more than 5% of traces.

Conformance Scoring

• Score 0: No cross-system trace correlation exists — each system maintains independent logs with no common identifier, and cross-system investigation requires manual log matching by timestamp or payload content.
• Score 1: A correlation identifier is propagated across some system boundaries, but coverage is incomplete, no boundary map exists, correlation completeness is not monitored, and temporal ordering is not validated.
• Score 2: All mandatory requirements are met — a globally unique correlation identifier is propagated across all documented system boundaries with sufficient namespace, time synchronisation is validated, a boundary map is maintained, correlation completeness is monitored with alerting, and cross-system trace retrieval is operational through a unified or federated query mechanism.
• Score 3: Verified through independent audit — an independent party has validated correlation completeness, identifier uniqueness, temporal ordering integrity, and boundary map accuracy. Hierarchical span structure enables both end-to-end and per-system analysis. Real-time correlation health monitoring provides continuous visibility. Trace assembly is automated with clock skew correction.

9. Regulatory Mapping

Regulation	Provision	Relationship Type
EU AI Act	Article 12 (Record-Keeping / Logging)	Direct requirement
EU AI Act	Article 17 (Quality Management System)	Supports compliance
SOX	Section 404 (Internal Controls Over Financial Reporting)	Supports compliance
FCA SYSC	6.1.1R (Systems and Controls)	Direct requirement
NIST AI RMF	GOVERN 1.5, MEASURE 2.3	Supports compliance
ISO 42001	Clause 9.1 (Monitoring, Measurement, Analysis)	Supports compliance
DORA	Article 11 (Response and Recovery)	Direct requirement

EU AI Act — Article 12 (Record-Keeping / Logging)

Article 12 requires that high-risk AI systems include logging capabilities that enable the tracing of the system's operation. For AI agents that operate across multiple systems, "tracing the system's operation" inherently requires cross-system correlation. A logging capability that captures events within individual systems but cannot link them across system boundaries does not enable tracing of the operation — it enables tracing of fragments. Organisations deploying high-risk AI agents must demonstrate that their logging enables end-to-end operational reconstruction, which requires the governed cross-system trace correlation mandated by AG-418. The correlation identifier is the technical mechanism that transforms isolated per-system logs into a coherent operational trace.

FCA SYSC — 6.1.1R (Systems and Controls)

The FCA expects that firms maintain systems and controls that are adequate for managing their business, including the ability to investigate and reconstruct operational events. For financial agents processing transactions, the ability to trace a transaction end-to-end across all involved systems is a fundamental control requirement. MiFID II transaction reporting and trade surveillance obligations require complete transaction chain reconstruction. AG-418 provides the governance framework ensuring that this reconstruction capability exists and is reliable. A firm that cannot produce a complete transaction trace because correlation identifiers are not propagated across system boundaries has inadequate systems and controls.

SOX — Section 404 (Internal Controls Over Financial Reporting)

Financial processing agents that traverse multiple systems (order management, risk calculation, execution, settlement, reporting) must produce traces that auditors can follow end-to-end. SOX auditors assess the completeness and reliability of the audit trail. A fragmented trail — where events in one system cannot be linked to events in another — is an audit trail deficiency. AG-418 ensures that the audit trail spans all systems in the financial processing chain, enabling auditors to verify that transactions were processed correctly across the entire system landscape.

DORA — Article 11 (Response and Recovery)

DORA Article 11 requires financial entities to have ICT business continuity management that includes response and recovery procedures. Effective incident response depends on the ability to rapidly reconstruct what happened across all affected systems. Cross-system trace correlation enables this reconstruction by providing a single identifier that links events across the entire operational path. Without correlation, incident response teams must manually correlate events across systems — a process too slow for the rapid response that DORA requires. The correlation framework is a prerequisite for effective incident response in multi-system agent deployments.

NIST AI RMF — GOVERN 1.5, MEASURE 2.3

GOVERN 1.5 addresses ongoing monitoring processes for AI systems. MEASURE 2.3 addresses the assessment of AI system reliability under expected conditions. Both functions require observability across the full operational scope of the AI system. For agents spanning multiple systems, this observability requires cross-system trace correlation. Without it, monitoring and measurement are limited to individual system boundaries, missing cross-system failure modes and interaction effects.

ISO 42001 — Clause 9.1 (Monitoring, Measurement, Analysis)

ISO 42001 Clause 9.1 requires organisations to determine what needs to be monitored and measured for the AI management system. For AI agents operating across multiple systems, effective monitoring requires the ability to observe agent behaviour end-to-end, not just within individual system boundaries. Cross-system trace correlation provides the technical foundation for this end-to-end monitoring. Without it, monitoring covers individual systems but misses the cross-system interactions where many governance-relevant behaviours occur.

10. Failure Severity

Field	Value
Severity Rating	High
Blast Radius	Organisation-wide — affects forensic investigation capability for every multi-system agent operation, degrading incident response, audit compliance, and regulatory evidence production across all deployments

Consequence chain: Without governed cross-system trace correlation, the organisation loses the ability to reconstruct the complete causal chain for any multi-system agent operation. The immediate technical failure is trace fragmentation — events exist in individual system logs but cannot be linked across system boundaries. The operational consequence is degraded incident investigation: root cause analysis that should take hours takes days or weeks, and may never reach a definitive conclusion because critical segments of the trace are missing or misordered. The business consequences cascade from there. First, remediation costs increase because investigations are slower and less conclusive, leading to broader defensive fixes instead of targeted corrections (Scenario A: £185,000 broad fix versus £12,000 targeted fix). Second, regulatory compliance is undermined because the organisation cannot produce complete operational traces when requested by auditors or regulators, potentially triggering findings for inadequate logging, record-keeping, or systems and controls. Third, accountability is impossible: AG-398 (Cross-Agent Blame Attribution Governance) cannot function without complete traces, meaning the organisation cannot determine which component, agent, or system caused a failure. Fourth, the failure is progressive: as the agent deployment grows and adds more system boundaries, each ungovemed boundary is an additional correlation failure point. The blast radius expands with the architecture. Organisations with 5 agents across 12 systems have 20-30 system boundaries to govern; organisations with 50 agents across 40 systems have hundreds. Without governance, correlation completeness degrades as architectural complexity increases — precisely when the need for correlation is greatest.

Cross-references: AG-412 (Time Synchronisation Validation Governance) provides the temporal foundation without which correlated traces cannot be reliably ordered. AG-409 (Critical Event Taxonomy Governance) classifies events whose correlation must be guaranteed regardless of system boundary challenges. AG-410 (High-Cardinality Trace Retention Governance) governs retention of the trace data that correlation makes queryable. AG-415 (Decision Journal Completeness Governance) depends on trace correlation to link decision events across systems. AG-416 (Evidentiary Chain-of-Custody Governance) requires correlated, tamper-evident traces for evidentiary use. AG-398 (Cross-Agent Blame Attribution Governance) requires complete cross-system traces to determine fault attribution. AG-389 (Topology Inventory Governance) provides the system topology that informs the correlation boundary map. AG-374 (Session Resumption Integrity Governance) requires trace correlation continuity when sessions are resumed across system restarts.