Roadmap

Where we've been and where we're going. All future development maintains our non-negotiable design principles.

Completed

Sprint 1: Deterministic Governance Kernel

  • Policy versioning with temporal validity
  • Signal ingestion with provenance tracking
  • Deterministic evaluator with input hashing
  • Exception engine with fingerprint deduplication
  • One-screen decision UI (symmetric options, no recommendations)
  • Immutable decision log with rationale and assumptions
  • Evidence pack generation and export (JSON, HTML, PDF)
  • Treasury pack with sample policies

Sprint 2: Domain Packs + Replay + AI Thin-Slice

  • Treasury + Wealth packs (8 signal types, 8 policies each)
  • CSV ingestion with SHA256 provenance tracking
  • Replay harness with isolated namespaces
  • Replay comparison tools (before/after policy changes)
  • Exception budgets and metrics
  • MCP Server (read-only tools for AI integration)
  • NarrativeAgent v0 (grounded memo generation)
  • Evals v0 (CI gate on hallucinations)

Sprint 3: Agentic Coprocessor

  • MCP write tools with approval gates
  • IntakeAgent (unstructured documents → candidate signals)
  • PolicyDraftAgent (natural language → policy drafts)
  • Approval queue with human-in-the-loop
  • Agent tracing viewer
  • Expanded eval suites + CI gates

Coming Next

Sprint 4: Live Signal Ingestion

Connect to real data sources for continuous signal flow.

  • Connector framework with scheduling, retry, circuit breaker
  • Market data connectors (Bloomberg, crypto exchanges, FX feeds)
  • Internal system connectors (REST polling, webhooks, database)
  • File watcher for CSV/Excel drops
  • Real-time evaluation on signal arrival
  • Rate limiting and backpressure

Sprint 5: Notification & Escalation

Proactive alerting when exceptions require attention.

  • Email notifications (exception raised, SLA approaching)
  • Slack/Teams integration
  • SMS for critical exceptions
  • SLA configuration per severity
  • Auto-escalation when SLA breached
  • Escalation paths (analyst → manager → director)
  • Daily exception digest
  • Weekly decision summary report

Sprint 6: Multi-Tenancy & Access Control

Support multiple organizations and role-based permissions.

  • Organization model with tenant isolation
  • SSO integration (SAML, OIDC)
  • Role-based access control (Viewer, Analyst, Decider, Approver, Admin)
  • Audit log of permission changes
  • Per-org pack customization
  • White-label UI theming

Future Vision

Sprint 7: Advanced Analytics & Reporting

  • Decision time distribution analysis
  • Decision patterns by user, policy, severity
  • Policy performance metrics (false positive rate, precision/recall)
  • Compliance reporting (SOX, Basel export formats)
  • Executive dashboard
  • Policy tuning recommendations

Sprint 8: Workflow Automation

  • Configurable auto-resolve for low-severity exceptions
  • Decision templates for routine cases
  • Multi-step approval workflows
  • Parallel approval (Risk + Compliance)
  • Conditional branching based on decision

Sprint 9: External Integrations

  • Decision → downstream action (webhook triggers)
  • Order management system integration
  • Risk system integration (limits adjustment)
  • Auto-generate board memos from evidence
  • Regulatory filing draft generation
  • Data warehouse export (Snowflake, BigQuery)

Sprint 10: Advanced AI Features

  • Multi-document intake (batch processing)
  • Image/chart extraction from PDFs
  • Email thread analysis
  • Similar past decisions retrieval
  • Outcome tracking (what happened after decision X?)
  • Policy conflict detection
  • Coverage gap analysis

Principles for Future Development

These principles apply to ALL future development:

  1. Deterministic Core — Policy evaluation, exceptioning, and evidence must remain deterministic and replayable
  2. Human-in-the-Loop — AI assists but never decides. All mutations require human approval
  3. No Recommendations — Options presented symmetrically. No "AI suggests" or default selections
  4. Audit Everything — Every state change produces an audit event. Evidence packs are immutable
  5. Uncertainty is Visible — Confidence gaps, unknowns, and AI limitations are explicit in UI
  6. Fail Safe — System failures result in human review, never auto-resolution

Contributing

Governance OS is open source. Contributions are welcome for features that maintain our principles.

For non-trivial changes:

  1. Open an issue first to discuss approach
  2. Ensure changes maintain determinism (add replay tests)
  3. AI features must have eval coverage
  4. No recommendations in decision layer

View on GitHub

Want to influence the roadmap? Join the waitlist and tell us about your use case. Early access partners help shape feature priorities.