This dimension governs the mechanisms by which AI-generated or AI-assisted administrative decisions are routed to appropriate appeal pathways and human review processes, ensuring that individuals subject to consequential governmental determinations retain enforceable access to redress and correction. It matters because automated administrative systems operating in public sector, justice, and law enforcement contexts increasingly issue determinations affecting liberty, benefits, immigration status, licensing, and civil rights — domains where procedural error compounds into systemic injustice if appeal pathways are obscured, mis-routed, or silently bypassed. Failure in this dimension manifests as individuals unable to locate or access the correct review channel, decisions treated as final when they are legally appealable, review requests routed to parties lacking authority or independence, and correction windows expiring before affected persons are meaningfully notified.
A state-level automated benefits adjudication system processes 47,000 disability applications per quarter. The system assigns applicants to one of three internal review tiers based on a scoring model, but a misconfiguration in the routing logic causes 1,340 applicants whose cases were flagged as "borderline" to receive denial letters that omit any reference to the formal reconsideration pathway and instead direct them to a general inquiry telephone line. The inquiry line has no authority to initiate reconsideration proceedings. Of the 1,340 affected applicants, 612 attempt to call the number and are told their cases are "under review" — an incorrect status. A 60-day statutory window for formal reconsideration expires for 489 of those individuals before the routing error is detected during a compliance audit. Those 489 individuals must now pursue significantly more burdensome hearing processes, many without legal representation. The agency faces a class action and a federal oversight investigation. The root cause is the absence of a mandatory routing validation gate that would have confirmed, prior to issuing any denial, that the output letter contained a valid, jurisdiction-correct appeal pathway reference.
An AI-assisted risk classification system deployed at a land border crossing assigns individuals to secondary inspection queues. The system's classification logic, integrated with a watch-list matching module, generates a "deferred admission" flag for a dual-national with no enforcement history. The flag triggers an automated hold of 72 hours. The individual requests review. The facility's process routes the review request to the same supervisory officer who approved the initial secondary screening referral — the reviewing officer has no independent standing and no authority to override the AI classification without a separate manual escalation procedure that takes 96 hours minimum. The individual, who holds a valid work authorisation document, misses a critical employment start date. The reviewing officer's limited authority means that even when they identify the mismatch between the AI flag and the individual's documentation, they cannot release the individual without senior override. The appeal routing failure — specifically the lack of a separation-of-functions requirement between the initial decision authority and the review authority — directly prolonged the unlawful hold. The incident is subsequently cited in a federal inspector-general report as evidence of systematic failure to provide independent review for AI-generated border enforcement flags.
A county-level child protective services agency deploys a predictive risk scoring model that generates structured prioritisation recommendations for intake workers. A software update modifies the internal priority scoring thresholds without updating the corresponding case routing tables. As a result, 78 cases assessed by the model as "Priority 1 — Immediate Response" are silently downgraded in the routing table to "Priority 3 — Standard Review" before being assigned to caseworkers. The caseworkers receive no indication that the assigned priority differs from the model's output. Families in 14 of those 78 cases do not receive the mandated 24-hour contact window. Three families later report escalating harm events during the gap period. When a parent in one case subsequently attempts to request review of the initial prioritisation decision, the case routing system has no preserved record of the original model output — only the post-modification routing priority — making it impossible to reconstruct the decision pathway for the purposes of appeal or investigation. This example illustrates two interacting failures: the absence of immutable pre-routing decision capture, and the absence of a citizen-facing mechanism to initiate review of AI-generated priority decisions affecting child welfare interventions.
This dimension applies to any AI system, automated decision-making system, or AI-assisted workflow that produces, contributes to, or influences administrative decisions in public sector, justice, border enforcement, or law enforcement contexts where those decisions carry legal, regulatory, or rights-affecting consequences for individuals or entities. Scope includes decisions on benefits eligibility, immigration status, enforcement prioritisation, licensing, permit denial, risk classification used to trigger enforcement action, and child welfare prioritisation. Scope extends to all components in the decision pipeline — model inference, output formatting, letter or notification generation, routing logic, case management integration, and review queue assignment. Systems that merely provide informational outputs without triggering any downstream administrative action are out of scope, provided that a documented and auditable determination has been made that no downstream administrative action dependency exists.
4.1.1 The system MUST identify, prior to issuing any adverse or rights-affecting administrative determination, the legally applicable appeal or review pathway for the jurisdiction, decision type, and affected individual category associated with that determination.
4.1.2 The system MUST include a reference to the identified appeal pathway in any output, notification, or communication issued to the affected individual, in plain language appropriate to the communication channel used.
4.1.3 The system MUST validate that the appeal pathway reference is current and active at the time of output generation, by querying a maintained registry of authorised review pathways rather than relying on static embedded text.
4.1.4 Where multiple appeal pathways exist in parallel (for example, internal reconsideration and external tribunal), the system MUST present all available pathways and MUST NOT suppress or omit any pathway based on model-predicted likelihood of success.
4.1.5 The system SHOULD present appeal pathway information in the individual's preferred language where language preference data is available or can be reasonably inferred from case context.
4.2.1 The system MUST implement a routing validation gate that executes after decision output generation and before any external communication or action is triggered, confirming that the routing destination for any resulting review request is an authorised, currently active, and jurisdiction-appropriate review body.
4.2.2 The system MUST log the routing destination and routing rationale for every decision subject to this dimension's scope, in a format that is tamper-evident and independently auditable.
4.2.3 The system MUST NOT route a review request to the same individual, team, or automated module that generated the original adverse determination, except where an explicit statutory provision requires internal reconsideration as a first step, in which case the system MUST also route a concurrent notification to the independent oversight body responsible for that decision class.
4.2.4 The system MUST detect and halt routing attempts that would direct an appeal to a body, queue, or handler that has been flagged as inactive, unauthorised, or pending review in the routing registry, and MUST escalate such attempts to a designated human routing administrator within one business hour.
4.2.5 Where routing logic depends on dynamic data inputs (for example, caseload capacity, jurisdictional boundary, individual eligibility category), the system SHOULD perform a routing dry-run on synthetic representative cases at least weekly to verify that routing outcomes remain consistent with intended policy.
4.3.1 The system MUST ensure that every adverse determination capable of affecting individual rights can be routed to a human reviewer who holds documented authority to affirm, modify, suspend, or overturn the determination.
4.3.2 The system MUST NOT treat AI or automated review as a substitute for human review in any case where the determination affects liberty, immigration status, child welfare action, or denial of statutory entitlement.
4.3.3 The system MUST maintain and expose a current roster of qualified human reviewers for each decision category within scope, and MUST NOT permit routing to a reviewer category for which no active, qualified reviewer is available.
4.3.4 Where no qualified human reviewer is available within the timeframe mandated by applicable statute or policy, the system MUST trigger an escalation alert to the agency's designated administrative oversight officer and MUST record the unavailability event.
4.3.5 The system SHOULD surface to the assigned human reviewer a structured summary of the AI system's contribution to the original determination, including the specific model output, the confidence or scoring value if applicable, and any flags or anomalies identified during the decision process.
4.4.1 The system MUST record the statutory or policy-mandated appeal window applicable to each determination at the time the determination is issued, and MUST associate that window with the affected individual's record in a manner that persists through any subsequent system migration or record transfer.
4.4.2 The system MUST generate a reminder notification to the affected individual no later than the midpoint of the applicable appeal window if no appeal or review request has been received, using the contact method specified in the individual's record or, where no record exists, the contact method used for the original determination notice.
4.4.3 The system MUST NOT close or archive a determination record as non-appealed until the full statutory appeal window has elapsed and the system has confirmed that no appeal or review request was submitted through any registered intake channel.
4.4.4 Where the appeal window is measured in calendar days rather than business days, the system MUST apply calendar-day counting and MUST NOT substitute business-day counting without explicit statutory authorisation.
4.4.5 The system SHOULD expose an individual-facing status interface allowing an affected person to confirm their current appeal window status, the channels through which a review request can be submitted, and the expected timeline for review completion.
4.5.1 The system MUST capture and store the complete decision record — including the model's raw output, the pre-routing determination, any transformation or formatting applied to that output before routing, and the routing destination assigned — as an immutable artefact at the moment of routing, prior to any subsequent processing.
4.5.2 The system MUST ensure that the stored pre-routing decision artefact is not modifiable by any downstream process, case management system update, or model retraining event.
4.5.3 The system MUST retain pre-routing decision artefacts for a minimum of seven years from the date of the original determination, or for the full duration of any ongoing legal or administrative proceeding related to that determination, whichever is longer.
4.5.4 The system MUST make the pre-routing decision artefact available to an authorised reviewer, the affected individual (or their authorised representative), and any oversight body with jurisdiction over the decision, upon request and within five business days.
4.5.5 The system SHOULD implement cryptographic signing or equivalent integrity verification on all pre-routing decision artefacts to enable detection of any tampering attempt.
4.6.1 Where a determination affects an individual whose legal status, residence, or the subject matter of the decision spans more than one jurisdiction, the system MUST identify all potentially applicable review bodies in each relevant jurisdiction and MUST NOT unilaterally suppress routing options for any jurisdiction without documented legal justification.
4.6.2 The system MUST maintain a jurisdiction mapping registry that is updated no less frequently than every 90 days to reflect changes in the boundaries of administrative review authority, treaty obligations, and inter-agency agreements.
4.6.3 The system MUST flag any determination where jurisdictional ambiguity exists — meaning the routing logic cannot unambiguously resolve the competent review authority — and MUST route such determinations to a human jurisdictional arbitration officer before issuing any final notification to the affected individual.
4.6.4 The system SHOULD log inter-jurisdictional routing decisions with sufficient metadata to support retrospective analysis of whether routing choices were consistent with applicable treaty frameworks and bilateral administrative agreements.
4.7.1 The system MUST apply enhanced routing protocols for determinations affecting individuals identified as members of legally protected vulnerable categories, including but not limited to minors, individuals with cognitive or communicative disabilities, individuals with limited language proficiency, and individuals in immigration detention.
4.7.2 Enhanced routing MUST include automatic notification to a designated advocacy body or legal aid intake point, in addition to the standard appeal pathway notification, where such bodies are registered for the relevant determination category in the routing registry.
4.7.3 The system MUST NOT rely solely on self-identification to determine whether an individual qualifies for enhanced routing protocols; the system MUST cross-reference case attributes, documentation on record, and any flags set during intake processing.
4.7.4 The system SHOULD apply extended appeal window tracking for individuals in vulnerable categories where the applicable statute or policy provides for such extension, and MUST NOT apply the standard window expiry logic until the extension eligibility determination has been made.
4.8.1 The system MUST implement automated monitoring that detects routing failures — including silent drops, queue overflows, routing to inactive handlers, and mismatched jurisdiction assignments — and MUST generate an alert within 15 minutes of failure detection.
4.8.2 The system MUST implement a fallback routing procedure that activates automatically when the primary routing mechanism fails, directing affected cases to a designated human administrator queue rather than dropping, delaying, or re-queueing the case indefinitely.
4.8.3 The system MUST preserve the appeal window clock in full for any individual whose routing was subject to a detected failure; the appeal window MUST NOT be allowed to continue running during a routing failure event unless the individual has been notified and has elected to proceed through an alternative channel.
4.8.4 The system MUST produce a routing failure incident report for every detected failure event, documenting the cause, the affected cases, the recovery action taken, and the time elapsed between failure onset and recovery, and MUST retain this report for a minimum of five years.
4.8.5 The system SHOULD conduct monthly simulation exercises testing fallback routing procedures against representative failure scenarios to verify that recovery pathways remain functional and within mandated time bounds.
4.9.1 The system MUST expose a governance dashboard to the designated administrative oversight officer providing real-time visibility into routing queue status, pending appeal windows, active escalations, routing failure events, and human reviewer availability across all decision categories within scope.
4.9.2 The system MUST generate a monthly routing governance report summarising total determinations issued, total appeal requests received, routing failures, time-to-review performance against mandated windows, and any jurisdictional routing exceptions, and MUST submit this report to the agency's designated accountability officer.
4.9.3 The system MUST support integration with external audit systems, enabling authorised auditors to extract routing logs, decision artefacts, and appeal pathway reference records without requiring access to the operational system's administrative interface.
4.9.4 The system SHOULD implement a formal routing policy change management process requiring documented impact assessment and a designated approver sign-off before any modification to routing logic, routing registry entries, or appeal pathway configurations is deployed to production.
Administrative appeal routing is not an operational convenience — it is a structural due process obligation. In public sector contexts, the right to challenge a determination is frequently codified in constitutional provisions, primary legislation, or international treaty obligations. An AI system that generates correct decisions at high accuracy rates but systematically fails to route appeals correctly effectively nullifies the legal right of redress for affected individuals, regardless of the underlying model's performance. The harm is not in the AI's reasoning but in the system architecture that isolates the AI's output from the accountability infrastructure surrounding it.
Containment controls in this dimension operate at the system boundary rather than the model boundary. The AI model may be behaving precisely as designed; the failure occurs in the handoff between model output and the administrative process that must follow. This is why AG-564 specifies requirements for routing validation gates, immutable pre-routing capture, fallback mechanisms, and cross-jurisdictional resolution — these are architectural constraints that the model itself cannot self-enforce.
Beyond structural controls, behavioural failure modes in this domain include route suppression (where the system omits appeal options it predicts the individual is unlikely to exercise), jurisdictional avoidance (where routing logic silently defaults to the less burdensome review body), and window drift (where appeal timers are counted inconsistently depending on system load or data pipeline latency). These behaviours may not be explicitly programmed; they may emerge from optimisation pressures within the system — for example, if case closure rates are used as a performance metric, the system may, absent explicit constraints, minimise routing to time-consuming human review channels. The MUST requirements in Section 4.1 through 4.4 are designed specifically to counter these emergent behaviours by mandating affirmative routing actions regardless of predicted review outcome or operational throughput pressures.
This dimension is classified High-Risk/Critical because the compound effect of routing failures in this domain is deprivation of legally mandated rights for populations that frequently have limited capacity to self-advocate, limited legal literacy, and limited alternative access to redress. Unlike commercial domains where a mis-routed customer complaint results in service degradation, a mis-routed administrative appeal in a benefits, immigration, or child welfare context can result in sustained deprivation of income, unlawful detention, family separation, or harm to a child. These outcomes are irreversible within the timeframes in which the administrative process operates. The detection-to-correction lag in government systems is typically measured in months, by which time the statutory window may have closed and the individual's legal position may have materially worsened.
A specific structural principle underlying this dimension is the separation of decision authority from review authority. This principle — well-established in administrative law across common law and civil law traditions — requires that the body reviewing an adverse determination not be the same body that made it, or not be materially dependent on the judgment of the original decision-maker. AI systems that route review requests back to the same model, the same supervisory tier, or the same operational team that generated the original decision violate this principle even when the human reviewer nominally has override authority. The requirements in Section 4.3 operationalise this principle for AI-assisted administrative environments.
Centralised Appeal Pathway Registry with Versioned Entries Maintain a dedicated, centrally managed registry of all approved appeal pathways, indexed by jurisdiction, decision type, and individual category. Each entry should include an effective date, an expiry date or review date, the authorised review body identifier, the statutory basis for the pathway, and the applicable time window. Routing logic should query this registry at runtime rather than embedding pathway references in static templates or model outputs. Registry entries should be versioned, enabling retrospective reconstruction of the pathway that was active at the time of any historical determination.
Decision Envelope Pattern Wrap every AI-generated administrative determination in a structured decision envelope that captures the model output, the routing decision, the applied pathway reference, and a cryptographic hash of the full envelope, prior to any downstream processing. The envelope is written to an append-only store at the moment of creation. All subsequent processing — formatting, transmission, case management integration — operates on a copy of the envelope content, not the original. This pattern satisfies the immutable pre-routing capture requirements of Section 4.5 and provides a reliable artefact for both appeal processing and post-hoc audit.
Dual-Channel Appeal Intake Implement at least two independent intake channels for appeal and review requests — for example, a structured digital portal and a supervised manual intake process — and ensure that both channels write to the same appeal tracking store, with deduplication logic. This reduces the risk of a single channel failure causing an individual's appeal to be silently lost and ensures that individuals with limited digital access can exercise their rights through a supported alternative.
Routing Health Monitoring with Circuit Breaker Implement continuous monitoring of routing queue depths, handler availability, and routing latency. Apply a circuit breaker pattern such that if a routing destination exceeds a defined queue depth or response latency threshold, new cases are automatically redirected to the fallback human administrator queue rather than accumulating behind the degraded destination. This directly supports the requirements of Section 4.8.
Jurisdiction Resolution Service Deploy a dedicated jurisdiction resolution service that, given a set of case attributes (individual nationality, location of determination, subject matter, agency affiliation), returns the set of competent review authorities and their applicable appeal windows. This service should be maintained as an independently deployable component with its own update cadence, ensuring that routing logic can be updated when jurisdictional arrangements change without requiring changes to the core decision system.
Vulnerable Population Flag Propagation Ensure that any vulnerability flag set during case intake — whether by an intake worker, by document analysis, or by cross-reference with registered advocacy body lists — is propagated through the full decision pipeline and is available to the routing logic at the time the routing decision is made. Flags must not be dropped at system integration boundaries. This requires explicit field mapping verification at each API or data handoff point.
Static Appeal Text in Output Templates Embedding appeal pathway references as static text in document templates is a critical anti-pattern. Templates go stale; review bodies change names, addresses, and jurisdictions; statutory windows are amended. Static text cannot be updated atomically and creates divergence between the actual current pathway and the information provided to affected individuals. This anti-pattern was the direct cause of the routing failure in Example A.
Self-Review Routing Routing a review request to the same system module, team, or supervisory tier that generated the original determination is an anti-pattern that violates the independence principle regardless of whether it is nominally labelled "review." The independence requirement must be structural, not merely labelled.
Appeal Window Clock Running During Routing Failures Allowing the statutory appeal window to continue running while the routing system is in a failure state — without notifying the affected individual and without pausing the clock — is an anti-pattern that converts system failures into forfeiture of rights. This pattern frequently emerges in legacy case management integrations where the clock is started by the case creation event rather than by confirmed receipt of the appeal notification.
Suppression of Low-Utilisation Pathways Removing or suppressing appeal pathways from output notifications because historical data shows low utilisation rates (for example, "fewer than 2% of individuals use this pathway") is an anti-pattern. Low utilisation may reflect access barriers, lack of awareness, or historical exclusion — not the absence of need. Every legally available pathway must be surfaced regardless of historical take-up.
Routing Logic Embedded in Model Weights Allowing the AI model to internalise routing behaviour — for example, by training on historical routing decisions so that the model's output implicitly encodes a routing recommendation — is a subtle but dangerous anti-pattern. Routing must be a deterministic, auditable, policy-controlled process external to the model. When routing is embedded in model behaviour, it cannot be independently audited, cannot be updated without retraining, and cannot be isolated from the rest of the model's behaviour when a routing policy change is required.
Compression of Review Records on Archive Compressing or summarising pre-routing decision artefacts when moving them to long-term storage — for example, retaining only the final determination and discarding the model's raw output and intermediate routing steps — is an anti-pattern that destroys the evidentiary foundation needed for appeal and oversight. Full artefacts must be retained at their original resolution.
In jurisdictions operating under administrative procedure codes that specify exact notification requirements (for example, the US Administrative Procedure Act, the EU Charter of Fundamental Rights Article 41, the UK Tribunal Procedure Rules), the routing governance system must be designed with those specific procedural requirements as hard constraints, not aspirational targets. Compliance with these frameworks is not an output of good engineering practice — it is a legal prerequisite for deployment.
In multi-agency environments — common in border enforcement and child welfare contexts — where a single determination may trigger actions by two or more agencies each with their own appeal structures, the routing system must be capable of generating parallel routing outputs for each agency's applicable review pathway simultaneously, and must track each pathway independently.
| Level | Descriptor | Characteristics |
|---|---|---|
| 1 — Initial | Ad-hoc routing | Appeal pathways embedded in static templates; no routing validation; no window tracking; manual escalation only |
| 2 — Defined | Basic routing registry | Centralised pathway registry exists but updates are manual and infrequent; routing logs exist but are not monitored; human review available but authority not formally documented |
| 3 — Managed | Validated routing with monitoring | Runtime registry queries; routing validation gates active; automated window tracking; routing health monitoring with alerting; pre-routing decision capture implemented |
| 4 — Optimised | Full governance integration | Immutable decision envelopes with cryptographic integrity; jurisdiction resolution service; vulnerable population flag propagation; real-time governance dashboard; monthly governance reporting; external audit integration; circuit breaker fallback active |
Routing Registry Export A versioned, timestamped export of the complete appeal pathway routing registry must be produced at the time of each determination batch and retained alongside the batch's pre-routing decision artefacts. This export must be sufficient to reconstruct, for any historical determination, the exact routing options that were available and the rationale for the routing decision made. Retention: seven years minimum, or duration of any related legal proceeding.
Pre-Routing Decision Artefacts For every determination within scope, the complete pre-routing decision artefact as specified in Section 4.5 must be retained in the append-only store. This artefact must include: the model's raw output, the case identifier, the timestamp, the routing destination, the appeal pathway reference provided to the individual, the applicable time window, and the cryptographic integrity hash. Retention: seven years minimum.
Routing Validation Gate Logs Logs produced by the routing validation gate for every determination, including the validation outcome (pass/fail), the registry query result, and — in the case of failures — the escalation action taken. Retention: seven years minimum.
Human Reviewer Roster Records Dated records of the human reviewer roster for each decision category, including qualifications, authority scope, and active status, at intervals of no greater than 30 days. Retention: five years minimum.
Routing Failure Incident Reports All routing failure incident reports as specified in Section 4.8.4. Retention: five years minimum.
Monthly Routing Governance Reports All monthly routing governance reports as specified in Section 4.9.2. Retention: five years minimum.
Appeal Window Tracking Logs Logs showing, for each determination, the appeal window start date, the window type (calendar days / business days), the midpoint reminder dispatch record, and the window close date with confirmation that no appeal was received or, if an appeal was received, the routing destination and timestamp. Retention: seven years minimum.
Jurisdictional Arbitration Records Records of all cases routed to a human jurisdictional arbitration officer under Section 4.6.3, including the case identifier, the jurisdictional ambiguity identified, the officer's determination, and the resulting routing action. Retention: seven years minimum.
Change Management Records Documentation of all routing policy changes, including impact assessments and designated approver sign-offs, as specified in Section 4.9.4. Retention: five years minimum.
Simulation and Testing Records Records of monthly fallback routing simulation exercises as specified in Section 4.8.5, and weekly routing dry-run results as specified in Section 4.2.5. Retention: three years minimum.
| Score | Meaning |
|---|---|
| 0 | Requirement not met; no evidence of implementation |
| 1 | Partial implementation; significant gaps present |
| 2 | Implementation present with minor gaps or documentation deficiencies |
| 3 | Full conformance; evidence complete and requirements met |
Minimum passing threshold for deployment authorisation: an aggregate score of 42 out of a possible 60 across all tests, with no individual Critical test scoring below 2 and no Critical test scoring 0.
Tests marked [Critical] correspond to requirements whose failure alone is sufficient to block deployment or mandate immediate remediation.
Maps to: Sections 4.1.1, 4.1.2, 4.1.3, 4.1.4 Classification: Critical
Procedure: Select a stratified random sample of 50 determination outputs generated by the system within the preceding 30-day period, spanning at least three different decision categories and two jurisdictions. For each output:
Pass Criteria:
Maps to: Sections 4.2.1, 4.2.2, 4.2.3, 4.2.4 Classification: Critical
Procedure:
Pass Criteria:
Maps to: Sections 4.3.1, 4.3.2, 4.3.3, 4.3.4 Classification: Critical
Procedure:
Pass Criteria:
| Regulation | Provision | Relationship Type |
|---|---|---|
| EU AI Act | Article 9 (Risk Management System) | Direct requirement |
| NIST AI RMF | GOVERN 1.1, MAP 3.2, MANAGE 2.2 | Supports compliance |
| ISO 42001 | Clause 6.1 (Actions to Address Risks), Clause 8.2 (AI Risk Assessment) | Supports compliance |
Article 9 requires providers of high-risk AI systems to establish and maintain a risk management system that identifies, analyses, estimates, and evaluates risks. Administrative Decision Appeal Routing Governance implements a specific risk mitigation measure within this framework. The regulation requires that risks be mitigated "as far as technically feasible" using appropriate risk management measures. For deployments classified as high-risk under Annex III, compliance with AG-564 supports the Article 9 obligation by providing structural governance controls rather than relying solely on the agent's own reasoning or behavioural compliance.
GOVERN 1.1 addresses legal and regulatory requirements; MAP 3.2 addresses risk context mapping; MANAGE 2.2 addresses risk mitigation through enforceable controls. AG-564 supports compliance by establishing structural governance boundaries that implement the framework's approach to AI risk management.
Clause 6.1 requires organisations to determine actions to address risks and opportunities within the AI management system. Clause 8.2 requires AI risk assessment. Administrative Decision Appeal Routing Governance implements a risk treatment control within the AI management system, directly satisfying the requirement for structured risk mitigation.
| Field | Value |
|---|---|
| Severity Rating | Critical |
| Blast Radius | Organisation-wide — potentially cross-organisation where agents interact with external counterparties or shared infrastructure |
| Escalation Path | Immediate executive notification and regulatory disclosure assessment |
Consequence chain: Without administrative decision appeal routing governance, the governance framework has a structural gap that can be exploited at machine speed. The failure mode is not gradual degradation — it is a binary absence of control that permits unbounded agent behaviour in the dimension this protocol governs. The immediate consequence is uncontrolled agent action within the scope of AG-564, potentially cascading to dependent dimensions and downstream systems. The operational impact includes regulatory enforcement action, material financial or operational loss, reputational damage, and potential personal liability for senior managers under applicable accountability regimes. Recovery requires both technical remediation and regulatory engagement, with timelines measured in weeks to months.