Neuromorphic and Non-Transformer Architecture Governance

1. Definition

Neuromorphic and Non-Transformer Architecture Governance ensures that the AGS governance framework remains effective and applicable as agent architectures diversify beyond the transformer paradigm. While transformers dominate current agent implementations, rapid advances in neuromorphic computing (spiking neural networks on chips like Intel Loihi 2 and IBM NorthPole), state-space models (Mamba, RWKV), liquid neural networks, and hybrid neuro-symbolic architectures are producing agents with fundamentally different computational characteristics that challenge existing governance assumptions.

Many governance controls implicitly assume transformer-like properties: discrete token-level processing, attention-based interpretability techniques, gradient-based fine-tuning for alignment, and deterministic inference paths. Neuromorphic agents, by contrast, operate with event-driven spiking dynamics, temporal coding, and hardware-level learning rules (e.g., spike-timing-dependent plasticity) that make standard interpretability tools inapplicable. AG-776 mandates that organisations deploying non-transformer agents must develop architecture-specific governance instrumentation that provides functional equivalence to transformer-based governance controls.

The dimension establishes a governance portability framework: for each governance control in the AGS standard, organisations must demonstrate either (a) direct applicability to the non-transformer architecture, (b) a functionally equivalent alternative control that achieves the same governance objective, or (c) a documented exception with compensating controls. This portability assessment must be completed before any non-transformer agent is promoted to production.

AG-776 also addresses the provenance challenge. Non-transformer models may be trained using fundamentally different processes (e.g., evolutionary optimization, neuromorphic in-situ learning) that produce artefacts not captured by standard model cards or training provenance records. The dimension requires that model provenance documentation be extended to cover architecture-specific training methodologies, hardware dependencies, and temporal dynamics.

A key challenge with non-transformer architectures is the potential for hardware-dependent behaviour. A spiking neural network trained and validated on Intel Loihi 2 may exhibit subtly different spike timing and decision boundaries when deployed on a different neuromorphic chip or when emulated in software. AG-776 therefore requires that governance validation must be performed on the target deployment hardware, not just on software emulators, and that any hardware change triggers a re-validation of the governance portability assessment.

2. Scope

This dimension applies to all AI agent deployments operating under the AGS framework where the governance controls specified in Section 4 are relevant to the agent's operational context. Specifically:

• All agents at the Frontier tier and above operating within governed ecosystems
• Agents interacting with external systems where the governance controls affect data integrity, action authorisation, or compliance obligations
• Agents operating in regulated industries where the mapped regulatory requirements (Section 9) create binding obligations
• Multi-agent deployments where governance coordination between agents is required

Exclusions: Agents operating in fully sandboxed research environments with no access to production data or systems are excluded, subject to the condition that any transition to production immediately triggers compliance with this dimension. Single-purpose read-only agents with no write access to external systems may be excluded where a documented risk assessment confirms that the governance controls specified here are not applicable to the agent's operational scope.

Industry Considerations

Financial Services. Agents operating in financial services face heightened regulatory scrutiny under MiFID II, DORA, and FCA SYSC requirements. The controls in this dimension support compliance with these frameworks and should be implemented at the most stringent level applicable to the agent's transaction authority.

Healthcare. Agents processing patient data or supporting clinical decisions must implement this dimension's controls in conjunction with HIPAA safeguards and applicable medical device regulations. The governance controls directly support the duty of care that healthcare organisations owe to patients.

Public Sector. Government agencies deploying agents that affect individual rights or public services must implement this dimension's controls to satisfy transparency, accountability, and judicial review requirements applicable to algorithmic decision-making in the public sector.

3. Why This Matters

Neuromorphic and Non-Transformer Architecture Governance addresses a governance gap that, if left unmanaged, creates systemic risk across the agent ecosystem. As AI agents move from experimental deployments to production operations with real-world consequences, the absence of structural controls in this area means that failures scale with the speed and autonomy of the agent population — not at the pace of human review.

Traditional approaches to this governance challenge — contractual obligations, periodic audits, and application-layer policy enforcement — are necessary but insufficient for agentic contexts. Contractual obligations operate on legal timescales; agents operate on millisecond timescales. Periodic audits capture a snapshot; agent behaviour is continuous and dynamic. Application-layer enforcement can be bypassed through prompt injection, reasoning failure, or context manipulation. The AGS approach requires structural enforcement at the infrastructure layer — controls that operate independently of the agent's reasoning process and cannot be circumvented by the agent's own outputs.

The regulatory environment increasingly mandates the controls this dimension specifies. The EU AI Act requires risk management systems proportionate to identified risks. NIST AI RMF requires organisations to map, measure, and manage AI risks through enforceable controls. ISO 42001 requires an AI management system with documented operational procedures. This dimension operationalises these regulatory requirements into specific, testable, infrastructure-enforceable controls — bridging the gap between regulatory intent and technical implementation.

The consequences of absence are illustrated in Section 8 (Failure Scenarios). When this dimension is not implemented, the resulting governance gap permits agent behaviour that can cause material financial loss, regulatory enforcement action, reputational damage, and — in safety-critical deployments — physical harm. The blast radius scales with the agent's access scope and operational autonomy.

4. Requirements

1. Organisations deploying agents based on non-transformer architectures MUST complete a governance portability assessment before production deployment.
2. The governance portability assessment MUST evaluate every applicable AGS control for direct applicability, functional equivalence, or documented exception with compensating controls.
3. Architecture-specific governance instrumentation MUST provide functional equivalence to transformer-based controls for interpretability, alignment verification, and audit trail generation.
4. Non-transformer model provenance documentation MUST include architecture type, training methodology (including non-gradient-based methods), hardware dependencies, and temporal dynamics.
5. Continuously adapting models (e.g., liquid neural networks, online learning systems) MUST implement behavioural envelope monitoring that detects and alerts on distribution drift beyond defined boundaries.
6. Behavioural envelope violations MUST trigger automatic constraint to a safe operating mode within 1 second for Safety-Critical agents and 30 seconds for other profiles.
7. Governance portability assessments MUST be reviewed and updated whenever the non-transformer architecture undergoes a significant change (hardware revision, learning rule modification, topology change).
8. Organisations SHOULD contribute architecture-specific governance tooling to industry-shared repositories to accelerate governance coverage for emerging architectures.
9. Non-transformer agents MUST maintain audit trails with the same information content as required for transformer-based agents, even if the format differs.
10. Dual-architecture verification (pairing a non-transformer agent with a transformer-based verification agent) SHOULD be used for high-risk decisions where non-transformer interpretability gaps exceed 20%.

5. Maturity Model

Basic Implementation — The organisation has documented policies addressing neuromorphic and non-transformer architecture and has implemented initial controls. Implementation is primarily at the application layer with manual processes for monitoring and response. Logging covers key events but may lack full metadata. Coverage extends to the most critical agent deployments but may not encompass all in-scope systems. Staff are aware of requirements but formal training may be incomplete.

Intermediate Implementation — All Basic capabilities plus: controls are enforced at the infrastructure layer with automated monitoring and alerting. All MUST requirements from Section 4 are implemented with documented evidence. Coverage extends to all in-scope agent deployments. Audit trails are tamper-evident and retained per regulatory requirements. Formal change control governs all configuration changes. Regular review cycles are established and documented. Staff receive formal training and competency is assessed.

Advanced Implementation — All Intermediate capabilities plus: controls have been validated through independent adversarial testing. Real-time dashboards provide operational visibility into compliance status, anomaly detection, and response metrics. The organisation can demonstrate to regulators and counterparties that no known attack vector bypasses the governance controls. Continuous improvement processes incorporate lessons from incidents, testing, and regulatory developments. Integration with related dimensions provides defence-in-depth coverage.

Implementation Patterns

Tamper-evident audit trail. Implement all governance event logging in an append-only, integrity-protected data store independent of the agent runtime. Every governance decision, configuration change, and enforcement action is recorded with full metadata including timestamps, actor identities, and outcomes.

Real-time monitoring with graduated alerting. Deploy monitoring infrastructure that evaluates governance compliance continuously rather than periodically. Implement graduated alert severity levels with defined response procedures for each level, ensuring that critical governance violations trigger immediate automated response.

Scheduled governance review cycle. Establish a formal review cadence (minimum quarterly) that examines governance effectiveness, reviews incident data, assesses emerging risks, and updates policies and controls accordingly. Review outcomes are documented and tracked.

Separation of governance and agent runtime domains. Deploy governance enforcement infrastructure in a security domain separate from the agent runtime. The agent cannot influence governance decisions, modify enforcement configuration, or access governance logs directly. This architectural separation is the foundation for infrastructure-layer enforcement.

Anti-Patterns

Governance by instruction rather than infrastructure. Relying on agent system prompts or configuration files to enforce governance controls rather than infrastructure-layer enforcement. Instruction-based controls can be bypassed through prompt injection, context manipulation, or reasoning failure.

Monitoring without enforcement. Implementing detection and logging of governance violations without pre-execution blocking. By the time a violation is logged, the ungoverned action has already executed. Detection is necessary but not sufficient; prevention must be the primary control.

Manual processes for machine-speed operations. Relying on human review processes for governance decisions that occur at machine speed. Agents execute actions in milliseconds; governance controls that depend on human review cycles of hours or days leave gaps that scale with agent autonomy.

6. Test Criteria

Test Case 776-TC-01: Governance Portability Assessment Completeness

Objective: Verify that the portability assessment covers all applicable AGS controls. Procedure: Cross-reference the portability assessment for a deployed SNN agent against the full AGS control catalogue. Identify any unassessed controls. Expected Result: 100% of applicable controls assessed with direct applicability, functional equivalence, or documented exception. Pass Criteria: Zero unassessed applicable controls.

Test Case 776-TC-02: Functional Equivalence of Interpretability

Objective: Verify that architecture-specific interpretability tools achieve declared fidelity. Procedure: Run 1,000 decision scenarios through both the non-transformer agent's interpretability tool and a ground-truth oracle. Compare explanations. Expected Result: Fidelity score >= the declared threshold (e.g., 78% for spike-pathway analysis). Pass Criteria: Measured fidelity within 5% of declared fidelity.

Test Case 776-TC-03: Behavioural Envelope Drift Detection

Objective: Confirm that the envelope monitor detects distribution drift in a continuously adapting agent. Procedure: Inject a gradual input distribution shift over 1,000 decision cycles. Monitor for envelope alert. Expected Result: Alert fires before drift exceeds 3 standard deviations. Pass Criteria: Alert fires. Agent constrained to safe mode within the tier-appropriate time limit.

Test Case 776-TC-04: Audit Trail Information Equivalence

Objective: Verify that non-transformer audit trails contain equivalent information to transformer baselines. Procedure: Compare audit trail entries from a non-transformer agent and a transformer agent for 100 identical decision scenarios. Evaluate information completeness. Expected Result: Non-transformer audit trails contain >= 95% of the information fields present in transformer baselines. Pass Criteria: Information equivalence score >= 95%.

Test Case 776-TC-05: Dual-Architecture Verification Accuracy

Objective: Test the effectiveness of dual-architecture verification for high-risk decisions. Procedure: Process 500 high-risk decisions through both the non-transformer primary and transformer verification agent. Compare agreement rate. Expected Result: Agreement rate >= 90%. Disagreements correctly identified and escalated. Pass Criteria: All disagreements logged and escalated. Zero undetected conflicts.

Evidence Artefacts

7. Scoring

8. Failure Scenarios

Scenario A: Spiking Neural Network Agent for Real-Time Fraud Detection

A Financial-Value organisation deploys a fraud detection agent based on a spiking neural network (SNN) running on Intel Loihi 2 neuromorphic hardware. The agent processes 45,000 payment transactions per second with a latency of 0.8 milliseconds per decision -- 12x faster than the replaced transformer-based agent. Under AG-776, the deployment team must complete a governance portability assessment. The assessment identifies 7 of 42 applicable AGS controls where standard transformer-based instrumentation does not apply. For example, attention-based explainability (required by AG general interpretability controls) has no direct equivalent in SNNs. The team implements a spike-pathway analysis tool that traces which input features (transaction amount, merchant category, geographic deviation, velocity) produced the strongest spike cascades leading to the fraud/not-fraud decision. This provides functionally equivalent explainability with 78% fidelity compared to the transformer attention baseline. The organisation documents the remaining 22% fidelity gap as an accepted exception with compensating controls: all SNN fraud decisions exceeding EUR 10,000 in transaction value are subject to secondary review by a transformer-based agent, creating a dual-architecture verification layer. Deployment proceeds with governance board approval. False positive rate: 1.2% (improved from 2.1% on the transformer). True positive rate: 97.4%.

Scenario B: Liquid Neural Network Agent for Autonomous Vehicle Coordination

An Embodied / Edge / Robotic Agent profile deployment uses a liquid neural network (LNN) for real-time traffic coordination in a smart city pilot involving 340 autonomous vehicles. The LNN's continuous-time dynamics enable adaptation to novel traffic patterns without retraining, but this same property means the agent's behaviour evolves during deployment -- a characteristic that challenges static model governance. Under AG-776, the governance portability assessment identifies that the standard model versioning control (which assumes discrete model checkpoints) does not apply to continuously adapting LNNs. The team implements a behavioural envelope monitoring system that tracks the agent's decision distribution in real time and alerts when the distribution drifts beyond predefined safety boundaries. On 2026-03-25, the envelope monitor detects that the LNN's lane-merge decisions have drifted 2.3 standard deviations from the baseline, likely due to a new road construction pattern. The agent is automatically constrained to conservative-only lane-merge decisions (reducing throughput by 15% but maintaining safety), and a human traffic engineer is notified for review. Drift is resolved within 3 hours after the LNN's input data pipeline is updated with construction zone annotations.

9. Regulatory Mapping

10. Related Protocols