arXiv:2606.04037: Trust certificates for AI agents before entering regulated industries

As more and more enterprises want to release autonomous AI agents into regulated sectors such as banking or healthcare, a question arises: how do you prove an agent is safe before it goes into production? A paper by authors Thanh Luong Tuan and Abhijit Sanyal offers a formal answer.

What is the agent’s operational framework?

The central concept is the Agent Operational Envelope — an operational framework that formally defines the boundaries within which an agent may operate. It encompasses permissions, domain constraints, safety properties, governance rules, and the level of autonomy. Only when the agent’s behavior is proven to fall within that envelope does the system issue it a Trust Certificate — a machine-verifiable trust certificate with a graduated verdict on whether the agent may be deployed.

What is an ontology and what is it for?

An ontology is a structured knowledge model that describes concepts and their relationships in a domain. Instead of generating scenarios from fictional user personas, the authors derive them from the ontology of the regulated field. The testing covered four sectors — fintech, banking, insurance, and healthcare — and generated 1,800 scenarios checked against 125 primary regulatory requirements, with 25 faults injected in advance.

How effective is the approach?

Ontological generation significantly outperformed the persona-based approach in regulatory coverage: 48.3 percent versus 33.1 percent. The framework also achieved the highest domain specificity (4.77 out of 5.0). The validation covered three model families — Claude Sonnet 4, Qwen 2.5 72B, and Gemma 4 26B — with a total of 5,400 scenarios.