Skip to content
Decision Infrastructure · Runtime Property

Runtime Admissibility

Decision Infrastructure asks

“Should it still happen now?”

An approval is a signal. An execution is the event. Runtime admissibility is the property that an approved decision remains permitted at the moment it acts.

Most enterprise systems evaluate policy at decision time.

Decision Infrastructure evaluates admissibility at execution time.

Decision Runtime Trace Anatomy
Runtime admissibility lives at Stages 02–03 of the trace, and is bound at Stage 04 — the commit boundary.

What Is Runtime Admissibility?

Runtime admissibility is the property that a proposed action is currently permitted, given the present state of conditions, authority, evidence, and risk — re-evaluated at the moment of execution, not at the moment of decision.

It is the architectural primitive that distinguishes governed execution from automated execution. A system that approves but does not re-evaluate at the commit cannot guarantee that the outcome was permitted at the time it occurred. A system that re-evaluates at the commit can.

The Decision-to-Execution Gap

Between the moment a decision is approved and the moment the action commits, state moves. Documents expire. Conditions fail. Sanctions lists update. Authority changes. Exposure shifts. Fraud signals emerge.

Every regulated outcome that fails between approval and the act lives in that gap. Most enterprise stacks have no architectural position from which to govern it — decision systems exit before execution, workflow tools route without re-validating, observability describes after the fact. Runtime admissibility is the property that closes the gap structurally rather than narratively.

Why Approved ≠ Executed

Approval is a signal that, at a moment in the past, a decision met policy under known state. Execution is the event in which that decision becomes real against the current state of the systems it will act upon. The two are not the same property — and treating them as the same is what produces the outcomes enterprises cannot explain.

Runtime admissibility makes this distinction architectural rather than aspirational. It is not a process improvement. It is a layer.

Runtime Validation

Runtime validation is the mechanism by which admissibility is evaluated. It checks the live state of conditions, authority, evidence, and risk against the policy that authorized the decision. If any dimension has changed in a way that invalidates the original authorization, admissibility fails.

Validation is performed at the commit boundary — the architectural location where intent attempts to become consequence. It is not a secondary review. It is the gate.

Continuous Admissibility Evaluation

A single check at the commit is not enough for actions that stay in flight over time. Admissibility must be evaluated continuously for the duration of the obligation — held positions, open commits, long-running disbursements — so that any state change between evaluations invalidates the action before it can act on stale assumptions.

Continuous admissibility is what makes Decision Infrastructure a runtime layer rather than a checkpoint.

ALLOW / HOLD / DENY Semantics

Every commit attempt produces one of four outcomes. The semantics are deliberately narrow — admissibility is a binary property with structured exceptions.

ALLOW

Action proceeds. Evidence is captured at the moment of binding.

HOLD

Revalidation required before binding. Action is paused, not failed.

DENY

Action is blocked. Reason and current state are captured as evidence.

ESCALATE

Higher authority review required. Decision and context are recorded.

Relationship to the Commit Boundary

The commit boundary is the architectural location where intent becomes consequence. Runtime admissibility is the evaluation that occurs at that location — the check that determines whether the action is permitted to bind. The boundary names the place; admissibility names the property; binding names the act.

Distinguishing these three is what makes execution governance architecturally coherent. Most platforms collapse them, and the collapse is what produces governance theater.

Evidence at Execution

Every admissibility outcome — allow, hold, deny, escalate — produces evidence at the moment it occurs. State, conditions, authority, and policy are recorded together, not reconstructed afterward. Reconstructed evidence is interpretation. Evidence created in-line at execution is fact.

This is what makes runtime admissibility defensible to regulators and to internal audit. A system that cannot produce in-line evidence cannot claim governed execution.

Where Runtime Admissibility Matters

The same architectural property applies wherever a state change between approval and execution could invalidate the action.

Mortgage funding

Scenario. A loan was approved at 9 AM. By 2 PM, a borrower document expired, a condition list updated, and exposure shifted. The funding wire is about to commit.

Admissibility. Runtime admissibility re-evaluates state at the commit. If conditions no longer hold, the wire is held or denied — with evidence captured at the moment.

Sanctions update

Scenario. A wire transfer was authorized last week. Between authorization and settlement, an entity on the chain was added to a sanctions list.

Admissibility. The settlement attempt is denied at runtime. Authorization alone is not sufficient; the action must remain admissible against the current list at execution.

Authority changes

Scenario. A trader was authorized to approve commitments up to a limit. Their authority was reduced after a role change — but a pending commit is still in flight.

Admissibility. Runtime admissibility checks current authority at commit, not authority captured at decision time. If reduced, the commit is held or escalated.

Fraud signals

Scenario. A payment was approved through normal review. Between approval and disbursement, a downstream fraud model flagged a related counterparty.

Admissibility. The disbursement is denied or held at the commit boundary. New fraud evidence invalidates the prior admissibility — the action must be re-validated.

Liquidity constraints

Scenario. A funding decision was made against an exposure model that was accurate at decision time. Intraday, exposure crossed a threshold defined in policy.

Admissibility. Runtime admissibility evaluates against the current exposure state. The action is escalated, held, or denied — never silently executed against stale assumptions.

Decision Infrastructure is the category. System of Intelligence is how it operates. Runtime admissibility is the property that defines whether execution was governed at all.

Frequently Asked Questions

What is Runtime Admissibility?

Runtime admissibility is the property that a proposed action is currently permitted — given the present state of conditions, authority, evidence, and risk — re-evaluated at the moment of execution rather than the moment of decision. It is the architectural primitive that distinguishes governed execution from automated execution: a system that approves but does not re-evaluate at the commit cannot guarantee the outcome was permitted when it occurred; one that re-evaluates can.

Why is admissibility evaluated at runtime?

Because state changes between approval and execution. Documents expire, sanctions lists update, authority lapses, conditions fail, exposure shifts, and fraud signals emerge. A decision approved earlier may no longer be permitted when the action attempts to commit. Design-time policy checks cannot see runtime state — only an evaluation at the moment of action can determine whether the action is still admissible against current reality.

What inputs are evaluated?

Four dimensions are checked against the policy that authorized the decision: current state (has reality changed since approval), policy (do the rules still permit it), authority (does the actor still hold the right to act), and context (have risk signals, timing windows, or dependencies changed). Supporting evidence — documents, signals, conditions — is checked for whether it is still intact at the moment of action.

What causes admissibility failure?

Admissibility fails when any dimension has changed in a way that invalidates the original authorization: an expired or missing document, a policy or sanctions update, lapsed or reduced authority, a failed condition, a crossed exposure threshold, or a new fraud signal. The decision was correct under the state known at approval; it is inadmissible because the state it would now act upon is different.

Can admissibility change after approval?

Yes — that is the entire point. Approval captures admissibility at a moment in the past; runtime admissibility tracks whether it still holds now. An action admissible at 9 AM can become inadmissible by 2 PM. For actions that stay in flight, admissibility is evaluated continuously, so a change at any point before the act invalidates it before it can commit on stale assumptions.

How often is admissibility checked?

At minimum at the commit boundary, before the action binds. For actions that remain in flight over time — held positions, open commits, long-running disbursements — admissibility is re-evaluated continuously for the duration of the obligation, so any state change between evaluations invalidates the action. Continuous evaluation is what makes Decision Infrastructure a runtime layer rather than a one-time checkpoint.

Is admissibility explainable?

Yes. Every admissibility outcome — ALLOW, HOLD, DENY, ESCALATE — is produced deterministically and recorded with the state, conditions, authority, and policy that produced it. Because the evaluation is captured in-line, you can see exactly why an action was permitted, paused, blocked, or escalated. Admissibility is not a model's opinion; it is a deterministic, explainable verdict against current reality.

Can auditors review admissibility decisions?

Yes. Each admissibility evaluation produces evidence at the moment it occurs — the inputs, the checks, the policy version, the authority, the timing, and the verdict — as an immutable, reconstructable record. Because outcomes are deterministically replayable, the same inputs reproduce the same result, so auditors and regulators can review not just that an action happened but whether it was permitted when it happened.

How does admissibility differ from policy checks?

Policy enforcement checks whether a decision was made under acceptable rules — a design-time check. Runtime admissibility checks whether that decision is still permitted right now, against the live state of the systems it will act upon — an execution-time check. Policy is necessary but not sufficient: a decision can satisfy policy at approval and still be inadmissible at execution because reality has moved.

How does admissibility reduce operational risk?

It eliminates the failure mode where approved actions execute against state that has drifted — the stale approval, the post-authorization sanctions hit, the expired condition, the lapsed authority. By holding, denying, or escalating no-longer-admissible actions before they bind, and evidencing each outcome, it converts silent, accumulating risk into governed, explainable events — and prevents the auditable failures that survive every after-the-fact control.

What outcomes does runtime admissibility produce?

Every commit attempt produces one of four outcomes: ALLOW (the action proceeds and evidence is captured at binding), HOLD (revalidation is required before binding — the action is paused, not failed), DENY (the action is blocked, with reason and current state recorded), or ESCALATE (higher-authority review is required). The semantics are deliberately narrow: admissibility is a binary property with structured exceptions.

How does runtime admissibility relate to the commit boundary?

The commit boundary is the architectural location where intent becomes consequence; runtime admissibility is the evaluation performed at that location — the check that determines whether the action is permitted to bind. The boundary names the place, admissibility names the property, and binding names the act. Distinguishing the three is what keeps execution governance architecturally coherent.

Relationship Reading Tree

Relationship to Other Concepts

Decision Infrastructure is part of a connected ontology. Use this relationship tree to understand where this concept fits.

  1. System of Intelligence
  2. Decision Infrastructure
  3. Decision-to-Execution Gap
  4. Commit Boundary
  5. Execution Governance
  6. Runtime AdmissibilityYou are here
  7. Governed Execution
  8. Evidence at Execution
  9. Operational Legitimacy (Result)
  10. Consequence Intelligence (Output)

Reference Surfaces

Reference Surfaces

Reference Surfaces

Understanding a category requires more than comparisons. These reference surfaces explain the core concepts, architecture, vocabulary, and placement of Decision Infrastructure within the enterprise stack.

Related Concepts

Architectural primitives adjacent to runtime admissibility

The architectural primitives that compose Decision Infrastructure — each governs one facet of how execution remains admissible.

Related Comparisons

Related Comparisons

Use these comparisons to understand how Decision Infrastructure differs from adjacent categories, systems, and governance models.

Decision Infrastructure vs Decision Intelligence

The category vs its output cousin — what produces decisions vs what governs them at execution.

Decision Infrastructure vs Decision Governance

Governance defines policy. Infrastructure operationalizes it at execution.

Decision Infrastructure vs Decision Control Plane

A control plane routes and coordinates actions; Decision Infrastructure governs whether each action should still happen at all.

Decision Infrastructure vs Decision Execution Engine

An execution engine runs the action; Decision Infrastructure governs whether execution may proceed.

Decision Infrastructure vs Runtime Governance

Runtime governance is a capability; Decision Infrastructure is the category that contains it.

Decision Infrastructure vs Decision Systems

Workflow-and-approvals systems exit before execution; Decision Infrastructure governs the act itself.

Decision Infrastructure vs AI Governance

AI Governance defines what should be allowed. Decision Infrastructure governs whether those permissions remain valid at execution.

AI Governance vs Decision Systems

Why model and process governance frameworks don't close the gap between approval and consequence.

Decision Infrastructure vs Digital Twin

Simulating reality vs governing what is allowed to happen in reality.

Sovereign Reasoning vs Decision Systems

Reasoning under jurisdictional and policy constraints vs the workflow systems that operationalize decisions.

Decision Infrastructure vs Agentic AI

Agents act autonomously; Decision Infrastructure governs whether each autonomous action is admissible at execution.

Decision Infrastructure vs MLOps

MLOps keeps the model healthy; Decision Infrastructure governs whether the decision it informs is admissible at execution.

Decision Infrastructure vs GRC

GRC documents and reviews controls; Decision Infrastructure enforces them on each action at execution.

Decision Infrastructure vs iPaaS

iPaaS connects systems and moves data; Decision Infrastructure governs whether the action between them should execute.

Decision Infrastructure vs Observability

Observability explains execution; Decision Infrastructure governs whether it should occur at all.

Decision Infrastructure vs Knowledge Graphs

Knowledge graphs map what is connected; Decision Infrastructure governs whether an action across those connections is admissible.

Decision Infrastructure vs Sovereign Reasoning

Sovereign Reasoning bounds how AI reasons; Decision Infrastructure governs whether the resulting action is admissible at execution.

Decision Infrastructure and Palantir

Palantir integrates data and drives action; Decision Infrastructure governs whether each action is admissible at execution — across any platform.

Decision Infrastructure and ServiceNow

ServiceNow runs and automates the workflow; Decision Infrastructure governs whether each action it fires is admissible at execution.

Decision Infrastructure and Pega

Pega manages decision workflows; Decision Infrastructure governs whether execution remains legitimate at the act.

Decision Infrastructure and Appian

Appian automates process execution; Decision Infrastructure governs consequence authorization at the commit boundary.

Decision Infrastructure and FICO

FICO optimizes decision quality; Decision Infrastructure governs whether a scored decision is still admissible at execution.

Decision Infrastructure vs Middleware

Middleware passes messages between systems; Decision Infrastructure governs whether the action a message triggers should execute.

Decision Infrastructure vs BPM

BPM orchestrates the process and moves work to the action; Decision Infrastructure governs whether that action should commit.

Decision Infrastructure vs Workflow Automation

Workflow automation runs the sequence; Decision Infrastructure governs whether each action in it should commit.

Decision Infrastructure and Salesforce

Salesforce runs the customer workflow; Decision Infrastructure governs whether each action it fires remains legitimate at the act.

Decision Infrastructure and Celonis

Celonis reveals how processes run and drives action; Decision Infrastructure governs whether that action is admissible at execution.

Decision Infrastructure and Icertis

Icertis manages contracts and obligations; Decision Infrastructure governs whether an action taken under them is admissible at execution.

Decision Infrastructure and Encompass

Encompass runs the loan workflow; Decision Infrastructure governs whether each consequential loan action is admissible at execution.

Decision Infrastructure and Empower

Empower runs loan origination; Decision Infrastructure governs whether each consequential loan action is admissible at execution.

Decision Infrastructure and Harvey

Harvey generates legal reasoning and drafts; Decision Infrastructure governs whether the actions taken from that reasoning are admissible at execution.

Decision Infrastructure and iManage

iManage manages legal knowledge; Decision Infrastructure governs the consequential actions taken using that information at execution.

Decision Infrastructure and Intapp

Intapp coordinates legal intake, conflicts, and approvals; Decision Infrastructure governs whether execution remains admissible at the act.

Decision Infrastructure and Relativity

Relativity surfaces and reviews evidence; Decision Infrastructure governs the consequential actions taken because of it at execution.

Decision Infrastructure and Reveal

Reveal surfaces evidence with AI-assisted review; Decision Infrastructure governs the consequential execution based on it.

Decision Infrastructure and Aderant

Aderant runs the business of law; Decision Infrastructure governs whether the consequential actions those operations drive are admissible at execution.

Decision Infrastructure and NetDocuments

NetDocuments manages legal documents and knowledge; Decision Infrastructure governs the consequential actions taken using that information.

Decision Infrastructure and Contract Lifecycle Management

Contract lifecycle platforms manage the contract; Decision Infrastructure governs whether actions taken under it remain admissible at execution.

Decision Infrastructure and Litera

Litera drafts, compares, and perfects legal documents; Decision Infrastructure governs whether the actions taken from those documents are admissible at execution.

Related Reading

Long-form explorations of admissibility at execution

Platform & Vision

How this becomes operational at QuNetra