AssetShop LLC - Effective 2026 - Policy F-01
This policy describes how AssetShop operates AI and machine learning systems in connection with the AssetShop Supply Chain Operations (SCO) service, including alignment with:
- NIST AI Risk Management Framework (AI RMF 1.0)
- EU Artificial Intelligence Act (Regulation 2024/1689)
- ISO/IEC 42001:2023 (AI management systems)
- OECD AI Principles
- U.S. Executive Order 14110 on Safe, Secure, and Trustworthy Development and Use of AI
1. Scope
This policy applies to:
- Any model, statistical method, or automated decision system used by AssetShop SCO to surface patterns, flag anomalies, score variance, or generate executive briefings
- Any third-party AI service that AssetShop integrates on behalf of a Customer tenant
- Internal-only AI tools used by AssetShop staff to operate, debug, or improve the Service
This policy does not apply to:
- AI systems operated independently by the Customer outside the SCO platform
- General-purpose computation that does not produce inferences, predictions, or recommendations
2. Foundational principles
2.1 Human accountability
Every material decision surfaced by an AI system in AssetShop SCO is advisory, not autonomous. A human operator (Customer-side approver) retains final authority and accountability. AssetShop does not initiate write actions to Customer systems based on AI outputs.
2.2 Read-only architecture
AssetShop's read-only architecture (per MSA Section 2.2) is a structural safety property. AI components cannot mutate Customer systems; they only observe and surface. This eliminates an entire class of AI safety risk (unauthorized actions, runaway agents).
2.3 Calibration discipline
Every AI-derived claim in the SCO platform is labeled with confidence and provenance:
- Confidence band (low / medium / high) or quantitative score where applicable
- Source data span and freshness
- Method / model identity (calibration ledger reference)
- Anchored to the public audit chain so the claim is independently verifiable
2.4 No covered Article 5 prohibitions
AssetShop SCO does not engage in any practice prohibited under EU AI Act Article 5:
- No subliminal techniques
- No exploitation of the vulnerabilities of natural persons (the Article 5 sense, not software vulnerabilities)
- No social scoring of natural persons
- No biometric categorization (race, political opinion, sexual orientation, religion)
- No real-time remote biometric identification in public spaces
2.5 Risk tier
AssetShop SCO is classified as a limited-risk AI system under the EU AI Act framework. It does not fall within high-risk categories (Annex III) such as employment decisions, essential services eligibility, law enforcement, migration, or judicial use. Customer use of SCO outputs within high-risk contexts (e.g., HR decisions) requires Customer to apply its own high-risk classification and compliance program.
3. Lifecycle controls (NIST AI RMF mapping)
3.1 GOVERN
- Documented AI Safety Operating Policy (this document)
- Internal AI inventory maintained
- Quarterly review by founder and any retained advisory counsel
- All model and method choices logged in the calibration ledger
- Vendor sub-processor diligence for any third-party AI service (see Sub-Processor List, F-11)
3.2 MAP (context, classification)
- Each AI feature is mapped to a use case, stakeholder, risk tier, and intended operating envelope
- Out-of-envelope behavior triggers a calibration flag in the audit log
- Customer use cases that would re-classify AssetShop SCO as high-risk require explicit Customer attestation per the Order Form
3.3 MEASURE
- Model outputs are sampled and human-reviewed at a calibrated cadence
- Performance metrics (precision, recall, calibration error) are tracked per model
- Drift detection alerts on distribution shift relative to training and recent baseline
- All measurements are hash-chained to the audit log
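The calibration labels in Section 2.3 (confidence band, source span and freshness, method identity) and the hash-chaining of measurements to the audit log in Section 3.3 describe one mechanism: every AI-derived claim becomes a ledger entry whose hash covers both its own fields and the hash of the entry before it, so a tampered or deleted entry is detectable and the head hash can be published to an external anchor. The following is an added illustration written for this page; it is not AssetShop's ledger code, and the field names, the SHA-256 choice, and the sample claims are assumptions.

```python
import hashlib
import json
from dataclasses import asdict, dataclass, replace
from typing import List, Optional

# Confidence bands as named in Section 2.3 (assumed representation).
CONFIDENCE_BANDS = ("low", "medium", "high")


@dataclass(frozen=True)
class LedgerEntry:
    """One calibrated AI claim. Field names are assumptions for this example."""
    claim_id: str
    statement: str
    confidence_band: str
    score: Optional[float]      # quantitative score, where applicable
    source_span: str            # data span the claim was derived from
    source_freshness: str       # newest input timestamp (ISO 8601)
    method_id: str              # model / method identity
    prev_hash: str              # hash of the previous entry ("" for genesis)
    entry_hash: str = ""        # SHA-256 over all fields above


def compute_hash(fields: dict) -> str:
    # Canonical JSON (sorted keys, no whitespace) so the digest is reproducible.
    canonical = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()


def append_entry(ledger: List[LedgerEntry], claim_id: str, statement: str,
                 confidence_band: str, score: Optional[float], source_span: str,
                 source_freshness: str, method_id: str) -> LedgerEntry:
    """Append a claim, linking it to the current ledger head."""
    if confidence_band not in CONFIDENCE_BANDS:
        raise ValueError(f"unknown confidence band: {confidence_band!r}")
    prev_hash = ledger[-1].entry_hash if ledger else ""
    fields = {
        "claim_id": claim_id, "statement": statement,
        "confidence_band": confidence_band, "score": score,
        "source_span": source_span, "source_freshness": source_freshness,
        "method_id": method_id, "prev_hash": prev_hash,
    }
    entry = LedgerEntry(**fields, entry_hash=compute_hash(fields))
    ledger.append(entry)
    return entry


def verify_chain(ledger: List[LedgerEntry]) -> Optional[int]:
    """Return the index of the first broken entry, or None if the chain is intact."""
    expected_prev = ""
    for i, entry in enumerate(ledger):
        fields = asdict(entry)
        fields.pop("entry_hash")
        if entry.prev_hash != expected_prev or compute_hash(fields) != entry.entry_hash:
            return i
        expected_prev = entry.entry_hash
    return None


def anchor_digest(ledger: List[LedgerEntry]) -> str:
    """Head hash to publish to the external anchor; it commits to every prior entry."""
    return ledger[-1].entry_hash if ledger else ""


def build_sample_ledger() -> List[LedgerEntry]:
    # Constructed sample claims; not real AssetShop data.
    ledger: List[LedgerEntry] = []
    append_entry(ledger, "claim-0001", "SKU 4411 inventory variance exceeds 3 sigma",
                 "high", 0.93, "inventory_feed:2026-01-01..2026-01-07",
                 "2026-01-07T23:59:00Z", "variance-scorer-v2")
    append_entry(ledger, "claim-0002", "Supplier lead-time drift detected for region EU-W",
                 "medium", 0.61, "po_feed:2025-12-01..2026-01-07",
                 "2026-01-07T18:00:00Z", "leadtime-drift-v1")
    return ledger


def tamper_score(ledger: List[LedgerEntry], index: int, new_score: float) -> List[LedgerEntry]:
    """Return a copy of the ledger with one entry's score silently altered."""
    copy = list(ledger)
    copy[index] = replace(copy[index], score=new_score)
    return copy


if __name__ == "__main__":
    good = build_sample_ledger()
    print("intact:", verify_chain(good), "anchor:", anchor_digest(good))
    print("tampered at:", verify_chain(tamper_score(good, 0, 0.99)))
```

Altering any field of an entry, or dropping an entry from the middle, changes the digest that later entries commit to, so `verify_chain` reports the first index at which the recomputed hash or the `prev_hash` link no longer matches; publishing `anchor_digest` externally is what lets a Customer check the exported calibration history against the anchor rather than trusting the operator's copy.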
3.4 MANAGE
- Defined rollback procedure for any AI component (see Incident Response Runbook)
- Customer-side override at every decision surface
- "Pause AI" toggle per tenant (Customer can disable AI-derived signals while retaining raw observational data)
- Documented escalation path to founder + retained counsel for any AI-related Customer concern
4. Customer rights
Customers may, at any time and without affecting other Service entitlements:
- Request the inventory of AI components active on their tenant
- Request the model card for any specific AI feature (provided under NDA where third-party components are involved)
- Disable AI-derived signals for the tenant ("AI off" mode)
- Export the calibration history for any AI claim, including provenance to the public anchor chain
- Object to the use of Customer data for any non-Customer-specific model training (AssetShop does not perform such training as of the effective date)
5. Training data
As of the effective date, AssetShop does not use Customer data to train, fine-tune, or improve any AI model for purposes other than serving that specific Customer's tenant. Any future use of aggregated Customer data for cross-Customer model improvement requires:
- Explicit affirmative Customer opt-in (no implicit consent)
- Aggregation and anonymization audited by an independent third party
- 90-day notice to all affected Customers
- Customer's right to opt out without service degradation
6. Third-party AI providers
When AssetShop integrates a third-party AI provider (e.g., CORTEX integration with a Customer-elected LLM provider), the relationship is governed by:
- Customer's per-tenant election of provider (no default)
- DPA between AssetShop and the third-party provider (zero-retention or no-training contracts where available)
- Customer notification and right to object under the standard sub-processor change process
- Provider listed in the public Sub-Processor List
7. Security of AI components
AI components are subject to the same security controls as the rest of AssetShop SCO:
- Tenant isolation (no cross-tenant model state)
- Encryption at rest and in transit
- Access controls and audit logging
- Threat model coverage (prompt injection, model extraction, data poisoning are explicit threat categories)
- Annual penetration testing extended to AI surfaces from Q4 2026
8. Incident response
Any incident involving an AI component (hallucination causing material customer impact, prompt-injection compromise, unauthorized data egress via AI surface, etc.) is handled under the standard Incident Response Runbook with the addition of:
- AI-specific root cause analysis (model version, prompt template, retrieval set, input data span)
- Counterfactual analysis (what should the system have produced?)
- Calibration-ledger entry documenting the incident and remediation
9. Updates to this policy
This policy is reviewed at least annually and updated as the regulatory landscape evolves. Material updates are notified to Customers via the Trust Center status banner and per the standard policy update process.
10. Contact
AI safety inquiries: AssetShopCo@gmail.com
Regulatory and counsel inquiries: AssetShopCo@gmail.com
This policy is a counsel-ready draft. AssetShop is committed to ongoing alignment with the evolving AI regulatory landscape and welcomes Customer feedback.