Evidence
Every decision produces a verifiable record.
This is not a log or a score. It is a complete, structured account of what was decided, why, and with what data.
Evidence Bundle
The core evidence object is the DecisionEventPackage. Once assembled, it is immutable — no field can be modified, appended, or removed.
| Component | Content |
|---|---|
| Resolution trace | Which layers were attempted, what each returned, where resolution occurred |
| Confidence basis | Score and threshold at the resolving layer |
| Rule binding | Rule pack version, rule pack hash, specific rules triggered |
| Data binding | Watchlist snapshot ID, snapshot hash, sources consulted |
| Config snapshot | Tenant configuration version active at execution time |
| Lineage | Full path from raw input through normalization, clustering, resolution, and output |
| Entity context | Input entity, resolved canonical match, entity type, source batch |
| Execution metadata | Trace ID, batch ID, decision run ID, timestamps, execution hash |
Example evidence record
This public example shows the shape of the evidence object without using customer data or live provider data.
Synthetic DecisionEventPackage
Contract-shaped example for evaluation review. IDs, hashes, entity names, and timestamps are synthetic.
{
"protocol_version": "1.0.0",
"event_id": "0196a3c8-8d55-7a6a-b5df-51e6ad6f2471",
"trace_id": "0196a3c8-8d55-7e47-a7e3-3dbe5d19c2a4",
"tenant_id": "01969f8a-0d4f-74f4-a566-fb8c8d327002",
"case_id": "0196a3c8-8d55-7dc8-8dc2-e1fcbec20691",
"batch_id": "0196a3c8-1c7a-78d3-a673-9bf2e95e03e6",
"event_type": "SCREENING",
"created_at": "2026-05-04T14:22:18Z",
"execution_context_fingerprint": "2db8d1b710a9488fd7ed34e2e0fdad14d6d72a3a1d7d80bb2da3120aa8194a5c",
"region_context": "us",
"subject_type": "VESSEL",
"original_input": "MV Northstar Trader, IMO 9123456",
"normalized_input": "mv northstar trader imo 9123456",
"input_hash": "ce8d9f5665e1bfb980236dbe8ad40d780857f776fdc8aa6f8a21ff309b3f6f86",
"jurisdiction_hint": "US",
"jurisdiction_risk_tier": "STANDARD",
"jurisdiction_risk_score": 0.18,
"jurisdiction_matched_lists": [],
"vessel_enrichment_status": "ENRICHED",
"vessel_imo": "9123456",
"vessel_flag_state": "Marshall Islands",
"vessel_type": "Container Ship",
"vessel_owner": "Northstar Maritime Holdings",
"vessel_risk_flag": "",
"input_fields": {
"name": "MV Northstar Trader",
"imo": "9123456",
"flag_state": "Marshall Islands"
},
"entity_type": "VESSEL",
"entity_type_confidence": 0.97,
"screening_type": "SANCTIONS",
"screening_mode": "BATCH",
"tenant_policy_id": "01969f8a-34e9-7814-a0d2-dde2fd45728f",
"tenant_policy_version": "shipping-eval-2026.05",
"decision_state": "REVIEW",
"decision_label": "POTENTIAL_MATCH_REVIEW",
"resolution_layer": "L2_VECTOR",
"resolution_confidence": 0.61,
"resolution_reason": "Potential alias similarity below block threshold; routed to human review.",
"routing": "HUMAN",
"requires_human_review": true,
"finalized": false,
"reason_summary": "Screening signal routed to review with evidence preserved for operator disposition.",
"decision_path": [
{
"layer": "L0_GARBAGE",
"executed": true,
"outcome": "VALID_INPUT",
"score": null,
"threshold_applied": null,
"reason": "Structured vessel name and IMO present."
},
{
"layer": "L1_DETERMINISTIC",
"executed": true,
"outcome": "NO_MATCH",
"matched_candidate_id": null,
"score": 0,
"threshold_applied": 1,
"reason": "No exact, normalized, or alias match."
},
{
"layer": "L2_VECTOR",
"executed": true,
"outcome": "POTENTIAL_MATCH",
"matched_candidate_id": "wl_sdn_vessel_candidate_4c72",
"score": 0.61,
"threshold_applied": 0.55,
"reason": "Similarity exceeded review threshold and remained below block threshold."
},
{
"layer": "L3_SEMANTIC",
"executed": false,
"outcome": "SKIPPED",
"reason": "Tenant policy routes this confidence band directly to human review."
},
{
"layer": "L4_HUMAN",
"executed": true,
"outcome": "QUEUED",
"reason": "Operator review required before customer reliance."
}
],
"rules_context": {
"rule_pack_id": "01969f8a-576b-77df-8306-23304c1e0c41",
"rule_pack_version": "sanctions-maritime-2026.05",
"rule_pack_hash": "24a441f6a6b66481d880107a8f5aef2f5bd57a4f01e9f01bc91c7c4eeb64f940",
"rules_evaluated": 43,
"rules_triggered": 2,
"threshold_policy_id": "01969f8a-7ad0-7a85-8a57-74887c880a5c",
"threshold_policy_version": "review-band-2026.05",
"rules_version": "ruleset:2026.05.04"
},
"reference_data_context": {
"watchlist_snapshot_id": "0196a276-7b5f-7522-9f7e-6095601031a4",
"watchlist_snapshot_hash": "6c77f192b97a4c2bd5e68f616e2bceaf7e77bb890d478c040de07df18a66a1a8",
"watchlist_sources": [
"OFAC_SDN",
"EU_CONSOLIDATED",
"UN_SANCTIONS",
"UK_OFSI"
],
"matched_data_version": "watchlist:6c77f192b97a4c2bd5e68f616e2bceaf7e77bb890d478c040de07df18a66a1a8",
"entity_graph_snapshot_id": "0196a276-874f-72af-b878-c031438e92be",
"canonical_registry_version": "canonical-registry:2026.05.04",
"alias_registry_version": "alias-registry:2026.05.04"
},
"model_context": null,
"evidence_artifacts": [
{
"artifact_id": "0196a3c8-9f24-7bd4-b14e-9262c31b1af0",
"artifact_type": "INPUT_RECORD",
"artifact_hash": "21ce9c9d28f1cf7281bb84921970f637d1a68a9a8606f2bfbfbd98ed6800f0d4",
"storage_uri": "evidence://batch/0196a3c8/input/row-00042.json",
"role": "primary_input"
},
{
"artifact_id": "0196a3c8-a24d-76b7-8e64-67a0a1824a97",
"artifact_type": "MATCH_SCORE_DETAIL",
"artifact_hash": "e8a4a942ea20f9ff54102f96087b232c5f1c5ed334fbdf2fa3f3ff0a34d1ff47",
"storage_uri": "evidence://batch/0196a3c8/matches/row-00042.json",
"role": "match_detail"
}
],
"human_governance": {
"review_status": "PENDING",
"approvals": [],
"overrides": [],
"escalations": [
"case_rev_0196a3c8_00042"
]
},
"regulatory_reliance": {
"regulatory_status": "SCREENING_SIGNAL",
"reliance_boundary": "CUSTOMER_FINAL_DECISION",
"reliance_warning": "Screening signal only. Customer retains final review, legal interpretation, and reliance.",
"jurisdiction_basis": [
"OFAC_SDN",
"EU_CONSOLIDATED",
"UK_OFSI"
],
"legal_basis_refs": [
"31 CFR Part 501",
"EU consolidated financial sanctions list",
"UK sanctions list"
],
"snapshot_age_hours": 5,
"upstream_source_published_at": "2026-05-04T09:00:00Z",
"operator_review_required": true,
"review_quality_requirement": "EVIDENCE_ACKNOWLEDGEMENT_REQUIRED",
"explanation_verification_status": "VERIFIED",
"contradiction_protocol_required": false,
"exam_package_ready": true
},
"integrity": {
"package_hash": "0cb0d2212ee7d5ea0bdf6712e917b1c28a52453bc0cffbb352d9df3cd2efaa74",
"canonicalization_method": "json-canonical-sha256",
"tamper_evident": true,
"requires_attestation": true
}
}The VeracityReceipt is bound after this package is assembled; it is not embedded inside the package.
Try It
Screening Demo
Representative example of resolution, evidence lineage, and receipt binding. Uses fixture data to illustrate the protocol flow.
Try "Vladimir Putin" (sanctioned) or "Acme Shipping Ltd" (cleared).
Receipt References
After evidence assembly, the package is handed to Intelligent Analyst for attestation. The receipt is stored in the IA truth ledger and can be independently retrieved and verified without access to CCAI.
| Field | Purpose |
|---|---|
| receipt_id | Unique identifier for the attestation receipt |
| receipt_hash | SHA-256 hash binding the receipt to the decision |
| receipt_status | BOUND (attested) or ATTESTATION_PENDING (IA unavailable) |
| bound_at | Timestamp of attestation |
Audit Export
Evidence can be exported in formats suitable for regulatory examination. Audit reports include governance context: rule pack version, threshold policy, approval chain, and configuration snapshot.
| Type | Format | Contents |
|---|---|---|
| Screening results | CSV | Entity results with layer, confidence, decision |
| Evidence bundle | JSON | Full DecisionEventPackage per entity |
| Audit report | Regulatory narrative with evidence chain and governance metadata | |
| Lineage export | JSON | Complete input-to-output trace per entity |
| Receipt archive | ZIP | VeracityReceipts for all entities in a batch |
Why this matters for regulated use.
What was the decision?
CCAI records the resolution outcome and decision state for every entity.
What data was used?
The watchlist snapshot ID and hash identify exactly which version of reference data was consulted. Snapshot immutability ensures the data cannot be retroactively changed.
What rules were applied?
Rule pack versioning with approval chains provides a complete governance trail. The configuration snapshot records the exact policy state at execution time.
Can the decision be reproduced?
The combination of input entity, configuration snapshot, watchlist snapshot, and rule pack version is sufficient to replay any decision.
Is the evidence independently verifiable?
The VeracityReceipt is stored in a separate system (IA) with its own integrity guarantees. The hash binding allows independent verification without trusting either system alone.
Regulated-use rationale
Evidence that supports a defensible process.
The evidence structure is designed to help regulated teams document, review, and explain their own screening process.
CCAI output is framed as a screening signal and evidence record. The customer owns final compliance decisions, regulator responses, and legal interpretation.
Each record binds the result to input, tenant policy, rule pack, reference snapshot, layer trace, and integrity hash so reviewers can see what produced the signal.
Review-required outcomes carry governance context for structured disposition, approval history, PI involvement, and review-quality expectations.
Snapshot age and source timing are part of the evidence context so a reproduced decision can be distinguished from a current-data assessment.
Evidence packages organize records for customer review and regulator-facing preparation without turning software output into legal advice.
CCAI does not claim to eliminate compliance risk. It provides the evidence infrastructure that allows regulated institutions to demonstrate the rigor, consistency, and traceability of their screening operations.
For regulator-facing packaging, review examination readiness. For source-age context, review data freshness.