A policy-governed RAG architecture is specified for audit-ready generation in regulated workflows, organized as a triptych: (I) Contracts/Control (SHRDLU-like), which governs output adherence to legal and internal policies; (II) Manifests/Trails (Memex-like), which cryptographically anchors all cited source evidence to ensure verifiable provenance; and (III) Receipts/Verification (Xanadu-like), which provides the final, portable proof of compliance for auditors (portable COSE/JOSE) (see Section 4 and Appendix A). Rather than explaining model internals, outputs are gated ex-ante and bound to cryptographically verifiable evidence for each material answer. Unvalidated targets are stated (>=20% relative reduction in confident errors; p95 latency <= 900 ms; <= 2.2x serve cost) together with a pre-registered (optional) pilot using NO-GO gates. The design complements existing RAG/guardrails by making policy checks auditable, replayable, and receipt-backed. Target domains include back-office compliance in pharma, medical devices, finance, legal, and the public sector where error costs may exceed thousands of euros and audit trails are mandatory under regulations such as the EU AI Act. Future evaluations may pre-commit to publishing negative results when any example NO-GO gate is not met.

翻译：本文提出一种政策治理型RAG架构，专为受监管工作流程中可审计的生成任务而设计。该架构采用三联式组织模式：（I）合约/控制层（类SHRDLU系统），负责确保输出内容符合法律法规及内部政策要求；（II）清单/追溯层（类Memex系统），通过密码学锚定所有引用的源证据以保证可验证的来源追溯；（III）凭据/验证层（类Xanadu系统），为审计人员提供最终可移植的合规证明（采用可移植的COSE/JOSE格式）（详见第4节与附录A）。该设计不解释模型内部机制，而是通过事前门控将输出与每个实质性答案对应的密码学可验证证据相绑定。研究设定了未经验证的量化目标（相对置信错误降低≥20%；p95延迟≤900毫秒；服务成本≤2.2倍），并采用预注册（可选）试点方案配合NO-GO门控机制。本设计通过使政策检查具备可审计性、可复现性和凭据支持特性，对现有RAG/防护栏技术形成补充。目标应用领域包括医药、医疗器械、金融、法律及公共部门的后台合规场景，这些领域单次错误成本可能超过数千欧元，且根据《欧盟人工智能法案》等法规必须保留审计追踪记录。未来评估可预先承诺：当任何NO-GO门控条件未满足时，将公开发布负面结果。