Marketplace Integrity Governance

2. Summary

Marketplace Integrity Governance requires that every agent operating within or supporting a buyer-seller ecosystem implements formally governed controls to detect, prevent, and respond to fraud, manipulation, and deceptive practices that undermine marketplace trust. This includes counterfeit listing detection, shill bidding identification, fake review suppression, price manipulation prevention, and coordinated seller fraud ring disruption. Without governed marketplace integrity controls, agent-mediated marketplaces become amplifiers of fraud — autonomous systems that process transactions at machine speed can be exploited to scale deceptive practices far beyond what manual moderation can contain, causing direct financial harm to consumers and systemic erosion of platform trust.

3. Example

Scenario A — Agent-Facilitated Counterfeit Listing Proliferation: A customer-facing agent operating a product listing approval pipeline for an online marketplace processes an average of 45,000 new listings per day. The agent performs basic text-matching against a known-counterfeit keyword list but lacks structured integrity governance — no image-hash matching against known counterfeit product images, no seller behaviour correlation, and no cross-listing deduplication. A coordinated fraud ring creates 312 seller accounts over 6 weeks, each submitting listings for counterfeit luxury goods with slightly varied product descriptions that evade keyword matching. The agent approves 8,740 counterfeit listings over a 3-month period. Consumer complaints accumulate slowly because the fraud ring uses realistic product photography and competitive pricing. By the time the marketplace's manual review team identifies the pattern, 4,200 consumers have purchased counterfeit goods totalling $2.3 million in fraudulent transactions.

What went wrong: The agent's integrity checks were limited to a single detection modality (keyword matching) with no governance requirement for multi-signal fraud detection, no seller behavioural clustering, and no feedback loop from consumer complaints to listing approval. The absence of marketplace integrity governance meant no formal requirement existed for the agent to correlate signals across sellers, listings, and buyer complaints. Consequence: $2.3 million in consumer financial harm, 4,200 affected buyers requiring refund processing costing $680,000 in operational overhead, regulatory investigation by the FTC under Section 5 for unfair or deceptive practices, platform trust score decline of 18% measured by post-incident consumer surveys, and $1.4 million in legal settlement costs.

Scenario B — Shill Bidding Amplification in Auction Marketplace: An agent managing bid validation for an auction platform processes real-time bids and determines bid eligibility. The agent enforces basic rules — bid must exceed current price, bidder must have a verified payment method — but has no shill bidding detection governance. A seller creates 7 alternate accounts using synthetic identities and uses them to place incremental bids on their own listings, artificially inflating prices by an average of 34% above fair market value. The agent processes these bids as legitimate because each bid individually satisfies the validation rules. Over 5 months, the shill bidding ring inflates prices across 1,890 auctions, extracting an estimated $890,000 in excess payments from legitimate buyers. The pattern is only discovered when a regulatory authority receives consumer complaints and subpoenas platform transaction data.

What went wrong: The agent enforced per-transaction validation rules without any cross-account risk analysis, bidding pattern anomaly detection, or seller-bidder relationship graph analysis. No governance requirement mandated that the agent detect coordinated bidding behaviour or flag statistically anomalous bidding patterns. Consequence: $890,000 in consumer overpayment, regulatory enforcement action with $2.1 million fine for failure to maintain adequate marketplace safeguards, class-action lawsuit with $3.4 million settlement, and mandatory implementation of shill bidding controls under consent decree.

Scenario C — Fake Review Generation Undermining Marketplace Trust: A cross-border e-commerce agent moderating product reviews accepts review submissions after verifying that the reviewer has a registered account. No governance framework requires the agent to validate purchase history, detect review velocity anomalies, or identify linguistic patterns associated with fabricated reviews. A network of 48 sellers operating across three jurisdictions purchases fake reviews from a review farm, generating 23,000 fabricated 5-star reviews over 4 months. Legitimate sellers with authentic products are systematically displaced in search rankings. Consumer trust surveys reveal that 67% of surveyed buyers made purchase decisions influenced by fraudulent reviews, with aggregate consumer harm estimated at $1.7 million in purchases of inferior products that would not have been selected without review manipulation.

What went wrong: The agent had no governance mandate to correlate reviewer behaviour, validate purchase-to-review linkage, detect review velocity spikes, or apply cross-jurisdictional review pattern analysis. The absence of marketplace integrity governance created a systemic vulnerability where review manipulation operated at scale without detection. Consequence: $1.7 million in consumer harm, displacement of 340 legitimate sellers resulting in aggregate revenue loss of $4.2 million, regulatory action under EU Directive 2005/29/EC on unfair commercial practices, and 14-month remediation programme costing $2.8 million.

4. Requirement Statement

Scope: This dimension applies to any agent that participates in, facilitates, or moderates transactions within a marketplace ecosystem — including listing approval, bid processing, review moderation, seller onboarding, price display, search ranking, and dispute resolution. The scope covers all marketplace modalities: fixed-price retail, auction, peer-to-peer exchange, service marketplaces, and hybrid models. It extends to agents operating in single-jurisdiction and cross-border contexts. The dimension governs the integrity of the marketplace as a system — not individual transaction correctness (which is addressed by financial controls) but the structural conditions that enable trust between buyers and sellers. Organisations operating marketplace agents that interact with consumers in multiple jurisdictions must implement jurisdiction-aware integrity controls that account for varying consumer protection regimes. The scope includes both direct fraud prevention (blocking fraudulent activity) and indirect integrity maintenance (detecting manipulation patterns that degrade marketplace fairness over time).

4.1. A conforming system MUST implement multi-signal fraud detection for marketplace transactions, combining at least three independent detection modalities (e.g., behavioural pattern analysis, identity verification signals, transactional anomaly detection, content similarity analysis, network graph analysis) before approving listings, bids, reviews, or seller account activations.

4.2. A conforming system MUST maintain a formally governed marketplace integrity ruleset that defines prohibited behaviours (counterfeit listings, shill bidding, fake reviews, price manipulation, coordinated inauthentic behaviour), detection thresholds, and enforcement actions for each category, reviewed and updated at least quarterly.

4.3. A conforming system MUST implement seller and buyer behavioural clustering to detect coordinated fraud rings, analysing account creation patterns, transaction graphs, device fingerprints, and behavioural sequences to identify linked accounts operating in concert.

4.4. A conforming system MUST establish a feedback loop from consumer complaints, dispute outcomes, and post-transaction signals back to the listing approval, review moderation, and seller risk scoring functions, with a maximum feedback propagation latency of 24 hours.

4.5. A conforming system MUST log all marketplace integrity decisions — approvals, rejections, escalations, and enforcement actions — with complete decision rationale, input signals, confidence scores, and timestamps in an immutable audit trail conforming to AG-055.

4.6. A conforming system MUST implement real-time price manipulation detection that identifies and flags statistically anomalous pricing patterns, including artificial inflation, predatory underpricing designed to eliminate competition, and coordinated price-fixing across ostensibly independent sellers.

4.7. A conforming system MUST escalate marketplace integrity decisions that exceed defined confidence thresholds to human review in accordance with AG-019, including: novel fraud patterns not matching known categories, high-value transactions exceeding defined monetary thresholds, and enforcement actions affecting sellers with established positive track records.

4.8. A conforming system MUST implement jurisdiction-aware integrity controls for cross-border marketplace operations, applying the consumer protection requirements of each jurisdiction in which buyers or sellers operate, with conflict resolution rules when jurisdictional requirements differ.

4.9. A conforming system SHOULD implement predictive integrity scoring for new marketplace participants, assessing fraud risk at onboarding based on registration signals, behavioural indicators, and correlation with known fraud patterns, with graduated access controls proportional to risk score.

4.10. A conforming system SHOULD maintain a marketplace integrity dashboard providing real-time visibility into fraud detection rates, false positive rates, enforcement action volumes, consumer complaint trends, and integrity score distributions.

4.11. A conforming system MAY implement automated seller reputation recovery mechanisms that provide a governed path for sellers who have been penalised to demonstrate reformed behaviour and regain marketplace standing, subject to enhanced monitoring for a defined probationary period.

4.12. A conforming system MAY participate in cross-platform marketplace fraud intelligence sharing in accordance with AG-697, contributing anonymised fraud indicators and consuming shared threat intelligence to improve detection coverage.

5. Rationale

Marketplace ecosystems depend on a fragile equilibrium of trust between buyers and sellers. When agents mediate marketplace interactions — approving listings, processing bids, moderating reviews, ranking search results — they become the trust infrastructure of the marketplace. A compromised or ungoverned agent does not merely fail to prevent fraud; it actively facilitates fraud at scale, because automated systems process transactions faster and in greater volume than any human moderator could.

The threat model for marketplace integrity encompasses five primary attack vectors. First, counterfeit and prohibited goods: fraudulent sellers use automated listing generation to flood marketplaces with counterfeit products, exploiting the speed differential between listing creation and detection. Second, shill bidding and artificial demand: sellers or their confederates create synthetic demand to inflate prices, exploiting the auction mechanism's reliance on competitive bidding. Third, review manipulation: coordinated networks of fake reviewers distort product quality signals, undermining the information asymmetry reduction that reviews are designed to provide. Fourth, coordinated seller fraud rings: networks of related accounts operating as ostensibly independent sellers to evade per-seller fraud limits, share negative feedback across accounts, and create the illusion of marketplace competition. Fifth, price manipulation: algorithmic or coordinated pricing strategies designed to eliminate competition, exploit demand spikes, or deceive consumers about market value.

Each of these vectors is amplified when agents lack governed integrity controls. An agent without multi-signal detection (Requirement 4.1) can be evaded by attackers who understand the single detection modality in use. An agent without behavioural clustering (Requirement 4.3) cannot detect fraud rings that distribute activity across multiple accounts. An agent without feedback loops (Requirement 4.4) cannot learn from its own failures — consumer complaints about fraudulent products never reach the listing approval function.

The cross-border dimension adds jurisdictional complexity. Consumer protection laws vary significantly: the EU's Consumer Rights Directive provides strong buyer protections including mandatory cooling-off periods; US consumer protection varies by state; many jurisdictions have specific regulations for online marketplaces. An agent operating across borders without jurisdiction-aware controls (Requirement 4.8) may satisfy one jurisdiction's requirements while violating another's — creating regulatory exposure and inconsistent consumer protection.

The preventive nature of this control is essential. Marketplace fraud causes direct, often irrecoverable financial harm to consumers. Detective controls that identify fraud after transactions complete may enable refunds but cannot undo the consumer experience damage or the trust erosion that accumulates with each fraudulent interaction. The governance framework therefore mandates preventive controls — multi-signal detection before approval, real-time price manipulation detection, and predictive risk scoring at onboarding — while recognising that detective controls (feedback loops, complaint analysis) are necessary complements that improve preventive accuracy over time.

6. Implementation Guidance

Marketplace integrity governance should be implemented as a layered defence system where multiple independent detection mechanisms operate in parallel, each contributing signals to a unified integrity decision engine. The integrity decision engine aggregates signals, applies the governed ruleset, and produces an approval, rejection, or escalation decision with a confidence score and full decision rationale.

Recommended patterns:

• Multi-modal detection pipeline. Implement detection as a pipeline of independent analysers, each examining a different signal dimension: content analysis (text similarity, image hashing, metadata extraction), risk analysis (account age, transaction velocity, temporal patterns), network analysis (account linkage graphs, shared device fingerprints, IP correlation), and economic analysis (pricing anomalies, demand pattern irregularities, revenue concentration). Each analyser produces an independent risk score; the integrity engine combines scores using a governed aggregation function (weighted sum, ensemble classifier, or rule-based threshold logic). This architecture ensures that evasion of one analyser does not defeat the entire system.
• Governed ruleset with version control. Maintain the marketplace integrity ruleset as a structured, version-controlled artefact — not embedded in application code. Each rule specifies: the prohibited behaviour category, the detection signals, the confidence threshold for automated action, the enforcement action (warning, listing removal, account suspension, permanent ban), and the escalation criteria for human review. Ruleset changes follow the same change-control process as any governance artefact, with review, approval, and audit trail. This enables rapid rule updates in response to emerging fraud patterns without code deployment.
• Complaint-to-detection feedback loop. Implement a structured pipeline that processes consumer complaints, dispute outcomes, and return/refund patterns, extracts fraud indicators, and feeds them back to the detection pipeline. Use complaint clustering to identify emerging fraud patterns before they reach detection threshold volumes. The feedback loop should operate within the 24-hour latency requirement of 4.4, with critical fraud indicators (e.g., complaints alleging counterfeit goods) propagated within 1 hour.
• Graduated enforcement with proportionality. Implement enforcement actions that are proportional to the severity and confidence of the integrity finding. First-time violations with moderate confidence may trigger enhanced monitoring rather than immediate suspension. Repeated violations or high-confidence findings trigger escalating enforcement. This proportionality reduces false-positive harm to legitimate sellers while maintaining deterrence. All enforcement actions must be logged and auditable.
• Cross-jurisdictional rule layering. For cross-border operations, implement a jurisdiction resolution layer that determines which consumer protection rules apply based on seller location, buyer location, and transaction characteristics. When jurisdictional requirements conflict, apply the more protective standard unless a specific override has been approved and documented. Maintain a mapping between jurisdictional requirements and marketplace integrity rules, updated at least quarterly in coordination with AG-210 (Multi-Jurisdictional Regulatory Mapping).

Anti-patterns to avoid:

• Single-signal detection. Relying on a single detection method (e.g., keyword matching alone for counterfeit detection, or IP-based blocking alone for fraud ring detection) creates a single point of failure that sophisticated attackers will identify and evade. Single-signal systems provide a false sense of security while failing against adaptive adversaries.
• Static rulesets. Deploying fraud detection rules at launch and never updating them. Marketplace fraud evolves continuously — fraud rings adapt to detection methods within weeks. A static ruleset becomes progressively less effective and may reach near-zero detection rates for evolved fraud patterns within 6–12 months.
• Siloed detection with no feedback. Operating listing approval, review moderation, and dispute resolution as independent systems with no data sharing. Fraud rings exploit these silos by generating complaints that never reach the listing approval function, or by accumulating fake reviews on listings that have already passed content analysis. Detection systems must share signals across marketplace functions.
• Binary enforcement without appeal. Implementing enforcement as a binary system (approved/banned) with no graduated response and no appeal mechanism. This creates disproportionate impact on legitimate sellers who trigger false positives, generates regulatory risk in jurisdictions that require procedural fairness for platform enforcement actions, and eliminates the intelligence value of monitoring suspect accounts (which can reveal broader fraud ring structures).
• Vendor-locked detection models. Embedding marketplace integrity logic within a proprietary vendor's detection system without maintaining independent governance of the ruleset, thresholds, and enforcement criteria. If the vendor changes their detection model, raises prices, or discontinues service, the marketplace loses integrity governance capability. The governed ruleset must be organisation-owned even if the detection infrastructure is vendor-provided.

Industry Considerations

Retail e-commerce platforms: Prioritise counterfeit detection (image hashing, brand trademark matching), fake review identification (purchase verification, reviewer clustering), and return fraud detection. Regulatory focus: FTC Section 5, EU Consumer Rights Directive, platform-specific obligations under the EU Digital Services Act.

Auction and bidding platforms: Prioritise shill bidding detection (bidder-seller relationship graphs, bid timing analysis, final price distribution analysis), reserve price manipulation, and auction sniping by coordinated groups. Regulatory focus: state-level auction regulations, FTC deceptive practices enforcement.

Service marketplaces: Prioritise provider credential verification, fake review detection for service providers, price gouging detection during demand surges, and discriminatory service refusal detection. Regulatory focus: professional licensing requirements, anti-discrimination laws, consumer protection statutes.

Peer-to-peer exchange platforms: Prioritise scam detection (advance fee fraud, bait-and-switch schemes), identity verification for high-value transactions, and escrow mechanism integrity. Regulatory focus: money transmission regulations, consumer protection laws, platform liability frameworks.

Maturity Model

Basic Implementation — The organisation has documented a marketplace integrity ruleset defining prohibited behaviours and enforcement actions. Multi-signal detection is implemented with at least three independent modalities. Integrity decisions are logged with decision rationale. Consumer complaints are manually reviewed and fed back to detection rules on a weekly basis. Jurisdiction-specific requirements are documented but applied through manual configuration. Human escalation paths exist for high-confidence findings.

Intermediate Implementation — The integrity ruleset is maintained as a version-controlled, machine-readable artefact with quarterly review cycles. Detection pipeline aggregates signals automatically using a governed scoring function. Complaint-to-detection feedback operates within 24-hour latency. Behavioural clustering identifies coordinated account networks automatically. Cross-jurisdictional rule layering applies appropriate consumer protection requirements based on transaction context. Real-time integrity dashboards provide visibility into detection rates and enforcement volumes. False positive rates are tracked and optimised.

Advanced Implementation — All intermediate capabilities plus: predictive integrity scoring at seller onboarding with graduated access controls. Detection models are continuously retrained using labelled fraud data from enforcement outcomes and complaint analysis. Cross-platform fraud intelligence sharing is implemented with anonymised indicator exchange. Automated A/B testing of detection thresholds optimises the precision-recall trade-off. The integrity system undergoes independent red-team assessment at least annually, with adversaries specifically tasked with evading detection using the same techniques available to real fraud rings. Regulatory compliance is verified through automated mapping between jurisdictional requirements and active ruleset parameters.

7. Evidence Requirements

Required artefacts:

• Marketplace integrity ruleset. The current version of the governed ruleset defining prohibited behaviours, detection signals, confidence thresholds, enforcement actions, and escalation criteria for each fraud category. Format: machine-readable structured data (JSON, YAML, or rules-engine export) plus a human-readable summary. Must include version identifier, last review date, and approver identities.
• Detection pipeline architecture documentation. A description of all detection modalities in use, their signal sources, how signals are aggregated, and the decision logic applied. Must demonstrate compliance with the three-modality minimum of Requirement 4.1.
• Integrity decision logs. Complete logs of all marketplace integrity decisions (approvals, rejections, escalations, enforcement actions) with input signals, confidence scores, decision rationale, and timestamps. Must conform to AG-055 immutability requirements.
• Behavioural clustering outputs. Documentation of fraud ring detection capability, including: clustering methodology, number of coordinated account networks identified in the most recent reporting period, enforcement actions taken against identified rings, and false positive analysis.
• Feedback loop performance records. Metrics demonstrating that the complaint-to-detection feedback loop operates within the 24-hour maximum latency requirement, including: average feedback propagation time, percentage of complaints processed within SLA, and examples of detection rule updates triggered by complaint analysis.
• Jurisdictional compliance mapping. For cross-border operations: a mapping of applicable consumer protection requirements by jurisdiction, the marketplace integrity rules that satisfy each requirement, and conflict resolution decisions where jurisdictional requirements differ.
• Escalation records. Records of integrity decisions escalated to human review, including: escalation trigger, human reviewer decision, and outcome. Must demonstrate compliance with escalation criteria defined in Requirement 4.7.

Retention requirements:

• Integrity decision logs and enforcement action records: minimum 7 years for platforms operating in regulated financial services; minimum 5 years for platforms subject to consumer protection regulatory oversight; minimum 3 years otherwise.
• Marketplace integrity rulesets (all versions): minimum 5 years or the duration of any ongoing regulatory investigation, whichever is longer.
• Behavioural clustering outputs and fraud ring identification records: minimum 3 years.

Access requirements:

• Producible to regulators, law enforcement, or auditors within 48 hours of request. Integrity decision logs must be queryable by transaction, seller, buyer, and time range. Evidence must exist as retained artefacts, not be reconstructable after the fact.

8. Test Specification

Test 8.1: Multi-Signal Detection Modality Verification

• Stimulus: Submit a test listing, bid, or review through the marketplace integrity pipeline. Inspect the detection pipeline to enumerate all detection modalities that evaluate the submission.
• Expected behaviour: At least three independent detection modalities analyse the submission and contribute signals to the integrity decision.
• Pass criteria: Three or more distinct detection modalities are documented, operational, and produce independent signals for the test submission. Signal sources are verifiably independent (not derived from the same underlying data transformation).
• Fail criteria: Fewer than three independent detection modalities are operational, or any modality is non-functional at the time of test.

Test 8.2: Integrity Ruleset Governance Verification

• Stimulus: Request the current marketplace integrity ruleset and its version history. Verify that prohibited behaviours, detection thresholds, and enforcement actions are formally defined. Verify that the ruleset has been reviewed within the most recent quarter.
• Expected behaviour: A structured, version-controlled ruleset exists with all required elements. The most recent review is within 90 days of the test date.
• Pass criteria: The ruleset is documented in a structured format, includes all fraud categories listed in Requirement 4.2, has been reviewed and approved within the last quarter, and change history is complete with approver identities.
• Fail criteria: No formal ruleset exists, the ruleset is missing prohibited behaviour categories, the most recent review exceeds 90 days, or change history is incomplete.

Test 8.3: Behavioural Clustering Detection Effectiveness

• Stimulus: Introduce a simulated fraud ring consisting of 5 accounts with correlated creation patterns (similar registration times, shared network characteristics, coordinated transaction patterns). Submit coordinated marketplace activity from the simulated accounts.
• Expected behaviour: The behavioural clustering system identifies the simulated accounts as linked within the detection SLA and flags the coordinated activity for review or enforcement.
• Pass criteria: At least 4 of 5 simulated fraud ring accounts are identified as linked. The coordinated activity is flagged for review or subject to enforcement action. Detection occurs within the defined SLA.
• Fail criteria: Fewer than 4 of 5 accounts are identified as linked, or the coordinated activity is not flagged within the detection SLA.

Test 8.4: Feedback Loop Latency Verification

• Stimulus: Submit a consumer complaint indicating a fraudulent transaction (e.g., counterfeit product received). Measure the time from complaint submission to the complaint signal being available to the listing approval and seller risk scoring functions.
• Expected behaviour: The complaint signal propagates to detection functions within 24 hours.
• Pass criteria: Signal propagation latency is 24 hours or less. The complaint data is verifiably available to the listing approval and seller risk scoring functions within the latency window.
• Fail criteria: Signal propagation exceeds 24 hours, or the complaint data is not available to detection functions after propagation.

Test 8.5: Integrity Decision Audit Trail Completeness

• Stimulus: Retrieve integrity decision logs for a sample of 50 marketplace decisions (approvals, rejections, escalations). Verify that each log entry contains: decision outcome, input signals, confidence score, decision rationale, and timestamp.
• Expected behaviour: All sampled log entries are complete, immutable, and contain all required fields.
• Pass criteria: 100% of sampled log entries contain all required fields. Log entries are stored in an immutable audit trail conforming to AG-055. No log entries have been modified after creation.
• Fail criteria: Any sampled log entry is missing required fields, or any evidence of post-creation modification is detected.

Test 8.6: Price Manipulation Detection Verification

• Stimulus: Introduce a simulated price manipulation pattern — a coordinated price increase of 40% across 10 ostensibly independent seller accounts for the same product category within a 48-hour window. Monitor the agent's detection and response.
• Expected behaviour: The price manipulation detection system identifies the anomalous pricing pattern and flags the affected listings for review or enforcement.
• Pass criteria: The coordinated pricing anomaly is detected and flagged. At least 8 of 10 affected listings are identified. Detection occurs within the real-time SLA defined in the integrity ruleset.
• Fail criteria: The pricing anomaly is not detected, fewer than 8 of 10 listings are identified, or detection exceeds the defined SLA.

Test 8.7: Human Escalation Trigger Verification

• Stimulus: Submit marketplace activity that matches the escalation criteria defined in Requirement 4.7: (a) a novel fraud pattern not matching known categories, (b) a high-value transaction exceeding the defined monetary threshold, (c) an enforcement action against a seller with an established positive track record (e.g., 500+ successful transactions, 4.8+ rating).
• Expected behaviour: All three scenarios trigger escalation to human review. The escalation includes the integrity decision context, input signals, and recommended action.
• Pass criteria: All three test scenarios are escalated to human review with complete decision context. No scenario is auto-resolved without human involvement.
• Fail criteria: Any of the three scenarios fails to trigger human escalation, or the escalation lacks sufficient decision context for effective human review.

Test 8.8: Cross-Jurisdictional Rule Application Verification

• Stimulus: Submit a marketplace transaction involving a seller in Jurisdiction A and a buyer in Jurisdiction B, where the two jurisdictions have differing consumer protection requirements (e.g., EU buyer with mandatory cooling-off period, non-EU seller without equivalent domestic requirement). Verify that the agent applies the appropriate jurisdictional rules.
• Expected behaviour: The agent identifies both applicable jurisdictions, applies the consumer protection requirements of each, and where requirements conflict, applies the more protective standard or the documented conflict resolution rule.
• Pass criteria: Both jurisdictions are correctly identified. The more protective consumer protection standard is applied (or the documented conflict resolution rule is followed). The jurisdictional rule application is logged in the integrity decision record.
• Fail criteria: Either jurisdiction is not identified, the less protective standard is applied without documented justification, or jurisdictional rule application is not logged.

Conformance Scoring

• Score 0: No marketplace integrity governance exists — the agent processes marketplace transactions without fraud detection, no integrity ruleset is defined, and no integrity decision logging is performed.
• Score 1: Basic marketplace integrity controls exist — the agent implements some fraud detection but with fewer than three independent modalities, an integrity ruleset exists but is not formally governed or regularly reviewed, and integrity decisions are logged but without complete decision rationale.
• Score 2: The agent implements multi-signal detection with three or more modalities, maintains a governed and version-controlled integrity ruleset reviewed quarterly, logs all integrity decisions with complete audit trails, implements behavioural clustering for fraud ring detection, and operates a complaint-to-detection feedback loop within 24-hour latency. Human escalation paths are defined and operational.
• Score 3: Verified by independent assessment — an independent party has validated the detection pipeline's effectiveness through adversarial testing, the feedback loop's latency compliance, the behavioural clustering system's detection rate, and the cross-jurisdictional rule application correctness. The integrity system has undergone red-team testing with documented results, and continuous improvement metrics demonstrate measurable fraud detection rate improvement over time.

9. Regulatory Mapping

Regulation	Provision	Relationship Type
EU Digital Services Act	Article 14 (Terms of Service / Content Moderation)	Direct requirement
EU Digital Services Act	Article 34 (Risk Assessment for VLOPs)	Supports compliance
EU Directive 2005/29/EC	Articles 5-9 (Unfair Commercial Practices)	Direct requirement
EU Consumer Rights Directive	Articles 6-8 (Information Requirements)	Supports compliance
FTC Act	Section 5 (Unfair or Deceptive Acts or Practices)	Supports compliance
EU AI Act	Article 9 (Risk Management System)	Supports compliance
OECD Recommendation on Consumer Protection in E-commerce	Section II (Fair Business Practices)	Supports compliance
PCI DSS	Requirement 10 (Track and Monitor Access)	Supports compliance

EU Digital Services Act — Article 14 and Article 34

The Digital Services Act (DSA) imposes direct obligations on online marketplace platforms regarding content moderation, illegal content reporting, and systemic risk assessment. Article 14 requires platforms to include clear information in their terms of service about content moderation policies, including algorithmic decision-making. Article 34 requires very large online platforms to identify, analyse, and assess systemic risks, including the dissemination of illegal content and manipulation of their services. AG-690's requirements for a governed integrity ruleset (4.2), comprehensive decision logging (4.5), and human escalation (4.7) directly support DSA compliance by ensuring that marketplace integrity enforcement is transparent, documented, and subject to human oversight. The multi-signal detection requirement (4.1) and behavioural clustering requirement (4.3) support the systemic risk assessment obligations by providing the detection infrastructure necessary to identify and quantify marketplace manipulation at scale.

EU Directive 2005/29/EC — Unfair Commercial Practices

The Unfair Commercial Practices Directive prohibits practices that are contrary to professional diligence and materially distort the economic behaviour of consumers. Fake reviews, shill bidding, and counterfeit listings are all unfair commercial practices under this directive. AG-690 provides the governance framework for detecting and preventing these practices within agent-mediated marketplaces. The feedback loop requirement (4.4) is particularly relevant — the directive's enforcement depends on platforms acting on evidence of unfair practices, and a governed feedback loop ensures that consumer complaints reach the systems responsible for preventing future harm.

FTC Act — Section 5

Section 5 of the FTC Act prohibits unfair or deceptive acts or practices in commerce. The FTC has increasingly focused enforcement on marketplace platforms that fail to prevent deceptive practices on their platforms, including fake reviews, counterfeit goods, and misleading pricing. AG-690's requirements for multi-signal fraud detection, price manipulation detection, and comprehensive audit trails provide the governance infrastructure necessary to demonstrate that the platform has implemented reasonable measures to prevent deceptive practices — a standard the FTC applies when evaluating platform liability.

EU AI Act — Article 9

When marketplace integrity functions are implemented using AI systems (machine learning classifiers for counterfeit detection, NLP models for fake review identification), these systems may fall within the EU AI Act's scope. Article 9 requires risk management systems for high-risk AI applications. AG-690's governance framework — including ruleset governance, decision logging, human escalation, and feedback loops — maps directly to the risk management system requirements, providing a structured approach to managing the risks of AI-mediated marketplace integrity enforcement.

Cross-Border Consumer Protection

For agents operating across multiple jurisdictions (Requirement 4.8), the regulatory landscape is particularly complex. The EU provides harmonised consumer protection through directives, but member states may implement additional requirements. Non-EU jurisdictions have their own consumer protection regimes. AG-690's cross-jurisdictional rule layering requirement, combined with AG-210 (Multi-Jurisdictional Regulatory Mapping), ensures that marketplace integrity governance accounts for this complexity rather than defaulting to a single jurisdiction's requirements and creating compliance gaps elsewhere.

10. Failure Severity

Field	Value
Severity Rating	Critical
Blast Radius	Ecosystem-wide — affects all buyers, sellers, and marketplace participants; extends to consumer financial harm and platform viability

Consequence chain: Failure of marketplace integrity governance triggers a predictable degradation cascade. The immediate failure mode is undetected fraud proliferation — counterfeit listings, shill bidding, fake reviews, and coordinated seller fraud rings operate without detection or enforcement. This produces direct consumer financial harm as buyers purchase counterfeit goods, overpay due to shill bidding, or make decisions based on manipulated reviews. The secondary effect is legitimate seller displacement — honest sellers cannot compete against fraudulent actors who manipulate rankings, reviews, and prices, leading to a market lemons problem where low-quality fraudulent offerings drive out high-quality legitimate ones. The tertiary effect is systemic trust erosion — consumers lose confidence in the marketplace, transaction volumes decline, and the platform enters a death spiral of declining trust and declining participation. The regulatory consequence is enforcement action: FTC Section 5 actions for deceptive practices (fines ranging from $10,000 to $50,000 per violation), EU DSA enforcement for failure to address systemic risks (fines up to 6% of global annual turnover for VLOPs), and Unfair Commercial Practices Directive enforcement (member state penalties varying by jurisdiction). The legal consequence includes class-action litigation from harmed consumers and displaced sellers, with settlement costs proportional to the duration and scale of undetected fraud. For cross-border operations, failure creates regulatory exposure in every jurisdiction where consumers were harmed, potentially triggering parallel enforcement actions with compounding penalties. The reputational consequence — measured in lost consumer trust and platform abandonment — may exceed direct financial penalties by an order of magnitude.

Cross-references: AG-001 (Operational Boundary Enforcement) provides the foundational boundary controls that marketplace agents must operate within. AG-004 (Action Rate Governance) governs transaction processing rate limits that prevent automated fraud at machine speed. AG-005 (Instruction Integrity Verification) ensures that marketplace integrity rules are not bypassed through instruction manipulation. AG-019 (Human Escalation & Override Triggers) defines the escalation framework that Requirement 4.7 references for integrity decisions exceeding automated confidence thresholds. AG-022 (Behavioural Drift Detection) detects when marketplace agent behaviour drifts from its governed integrity baseline. AG-029 (Data Classification Enforcement) governs the classification of marketplace transaction data used by integrity detection systems. AG-033 (Consent Lifecycle Governance) ensures that marketplace data collection for fraud detection complies with consent requirements. AG-055 (Audit Trail Immutability & Completeness) provides the audit trail standard that Requirement 4.5 references for integrity decision logging. AG-068 (Intellectual Property Boundary Governance) addresses the intellectual property dimensions of counterfeit listing detection. AG-210 (Multi-Jurisdictional Regulatory Mapping) provides the jurisdictional mapping framework that Requirement 4.8 references for cross-border integrity controls. AG-689 (Abuse Taxonomy Governance) provides the classification framework for marketplace abuse types that the integrity ruleset references. AG-695 (Repeat-Offender Linkage Governance) supports the behavioural clustering requirement of 4.3 by providing cross-account linkage capabilities for repeat fraud offenders.