SADAR - Analysis
April 28, 2026

SADAR Addresses Governance Gaps Identified in the FINOS AI Governance Framework for Discovery and Authorization

SADAR addresses the governance gap identified in the FINOS AI Governance Framework v2 at the discovery and authorization layer — before an agent acts. This position paper maps SADAR's open-standard mechanisms across all 22 AIGF v2 risk areas, demonstrating direct coverage of 9 risks spanning operational, security, and regulatory categories.

Overview

The FINOS AI Governance Framework (AIGF) v2, released October 2025, catalogues 46 risks across operational, security, and regulatory dimensions — with a dedicated agentic AI section acknowledging that autonomous multi-agent architectures present categorically different governance challenges than static RAG systems.

This position paper maps SADAR's open-standard mechanisms to the FINOS AIGF v2 risk catalogue, scoping out CogniWeave explicitly so that the contribution of the open standard itself is assessed on its own merits.

Key Findings

SADAR provides direct coverage for 8 of 11 operational risks, 4 of 6 security risks, and 4 of 5 regulatory risks in AIGF v2.

SADAR's strongest contributions are to:

  • Model Overreach (AIR-OP-018) — scope boundary enforcement at the discovery layer
  • Agent Action Authorization Bypass — cryptographic identity raising attack cost significantly
  • Multi-Agent Trust Boundary Violations (AIR-OP-028) — eliminating implicit trust between agents
  • Regulatory Audit Trail and Explainability — structured, machine-readable invocation records

What SADAR Is — and Is Not

SADAR is a preventative governance standard operating at the discovery layer. It establishes the identity, scope, and capability contracts that runtime enforcement systems then act upon. It does not prevent LLM hallucination, enforce runtime compliance, detect bias, or provide infrastructure resilience — those require complementary controls.

Coverage Summary

| Risk Category | Direct | Partial | Indirect |
|---|---|---|---|
| Operational (11 risks) | 3 | 6 | 2 |
| Security Agentic (6 risks) | 2 | 4 | 0 |
| Regulatory (5 risks) | 4 | 1 | 0 |
| Total (22 risks) | 9 | 11 | 2 |

Download the full position paper for complete risk-by-risk mapping tables, detailed mechanism analysis, and alignment with AIGF mitigation philosophy.
