Every standard in the NAIC framework was built from the inside out. Not assembled from theory. Not borrowed from adjacent industries. Written by practitioners who have deployed AI at scale across healthcare, defense, law, and finance — and who know precisely where it fails, what it costs, and what governance actually looks like when it has to hold up.
CHAPTER 01 · UNIVERSAL
AI Competence Standards
◈ Applies to All Four NAIC Tracks
NAIC evaluates whether an institution, company, or individual demonstrably understands how modern AI systems work — not just in theory, but in deployment. Credentials alone are not sufficient. The assessment determines whether the entity knows where AI fails, what that failure costs, and how to respond.
Demonstrated understanding of current AI system architectures including large language models, machine learning pipelines, computer vision systems, and predictive analytics. The assessment evaluates working knowledge, not academic familiarity.
01
Current Architecture Literacy
Ability to accurately describe how large language models, neural networks, and modern ML systems operate — including training, inference, fine-tuning, and deployment architectures.
02
Vendor Claim Evaluation
Ability to critically evaluate AI vendor claims, identify technically unsupported assertions, and distinguish between demonstrated capability and marketing language.
03
Failure Mode Recognition
Understanding of common AI failure modes including hallucination, distributional shift, overfitting, adversarial vulnerability, and cascading failure in production environments.
Track Applicability
UniversityCorporateCommercialConsultant
Documented experience with AI deployment in production environments. NAIC does not certify theoretical expertise. Assessment includes evidence of real deployments, outcome measurement, and failure remediation.
01
Documented Deployments
Evidence of AI systems deployed in live production environments with measurable outcomes, user populations, and documented performance metrics.
02
Remediation Experience
Documented experience identifying and remediating AI system failures, including the process, timeline, and outcome of remediation efforts.
Track Applicability
CorporateCommercialConsultant
CHAPTER 02 · UNIVERSAL
Ethics & Accountability
◈ Applies to All Four NAIC Tracks
AI systems that cause harm at scale do not fail because of bad intentions. They fail because accountability was never embedded in the process. NAIC evaluates whether ethics is operational — not aspirational. Written policies are necessary but not sufficient.
Documented process for ethical review of AI projects prior to deployment. NAIC assesses whether the review process is real, functional, and capable of stopping a project — not whether it exists on paper.
01
Pre-Deployment Review Gate
Evidence of a formal ethical review stage that occurs before AI system deployment, with documented outcomes and the demonstrated ability to halt or modify deployments based on findings.
02
Bias Testing Protocol
Documented methodology for bias testing across relevant demographic and operational dimensions, with evidence that results informed deployment decisions.
03
Accountability Assignment
Named, specific individuals who hold accountability for AI-driven decisions and their consequences. Accountability must be assigned to humans, not to the AI system itself.
CHAPTER 03 · UNIVERSAL
Governance & Risk Framework
◈ Applies to All Four NAIC Tracks
Governance is not a policy document. It is an operational system that functions under pressure. NAIC evaluates whether an organization's AI governance would hold up when a system fails, when regulators ask questions, and when the board wants answers.
A formal AI governance policy that is actively in force, with named responsible parties at each level of the organization. Policy documents filed and forgotten do not qualify.
01
Named Governance Owners
Specific individuals named as accountable for AI governance at the executive, operational, and project levels. Roles, not titles — we verify actual people.
02
Risk Classification System
A documented system for classifying AI deployments by potential impact level, with corresponding governance requirements at each risk tier.
03
AI-Specific Incident Response
A documented incident response plan specific to AI system failures — distinct from general IT incident response, and tested at least annually.
CHAPTER 04 · UNIVERSAL
Data & Privacy Standards
◈ Applies to All Four NAIC Tracks
AI systems consume, process, and generate data at a scale that traditional privacy frameworks were not designed for. NAIC evaluates whether data handling keeps pace with AI capability — not whether legacy compliance checkboxes are checked.
Documentation of data sources used in AI training or fine-tuning, with evidence of consent, licensing, or authorized use for each data category.
01
Data Source Documentation
Complete inventory of data sources used in AI model training or fine-tuning, including provenance, consent status, and applicable licensing.
02
Personal Data Handling
Documented procedures for how personal data interacts with AI systems, including storage, processing, retention, and deletion protocols that satisfy applicable regulations.
CHAPTER 10 · COMMERCIAL AI TRACK
AI Product Safety Standards
⬡ Commercial AI Registry Track Only
SaaS companies and AI product builders selling into institutional markets carry a different level of responsibility.
When your product is deployed inside a hospital, university, or Fortune 500 company, your governance is their governance.
NAIC evaluates commercial AI products on what they actually do — not what the marketing materials say they do.
Independent assessment of whether the product performs as claimed under realistic operating conditions, including edge cases, adversarial inputs, and high-load scenarios.
01
Claims Verification
NAIC independently verifies product capability claims against documented test results. Unverified claims are flagged and must be resolved before registration is granted.
02
Failure Disclosure
Documented disclosure of known failure modes, limitations, and edge cases. Products with undisclosed known failures are not eligible for NAIC registration.
03
Update and Patch Governance
Documented process for communicating product updates, capability changes, and security patches to institutional customers, with change management protocols.
Apply for NAIC Evaluation
Your organization meets these standards. Let us document it.
NAIC evaluation is thorough by design. You will know exactly what you cleared, what the process found, and what your designation means to the market.