SOURCE 0 - FROM EVIDENCE-BASED GOVERNANCE TO PROOF-BASED GOVERNANCE
WHY THE ABILITY TO RECONSTRUCT WHAT AN AI SYSTEM DID IS NOT THE SAME AS THE ABILITY TO PROVE WHAT WAS AUTHORISED BEFORE IT DID IT
Author: Jean-François ELSEN (Senior Forensic Auditor · Judicial Specialist in Digital Evidence · DGSA)
Location: Brussels – Charleroi, Belgium
Organization: Jean-François ELSEN · jfelsen.com
Classification: Authoritative Public Release · June 2026
Audience: C-Suite Executives, Boards of Directors, Regulators, Supervisory Authorities, Legal Departments, CISOs, Risk Managers, Compliance Officers, AI Governance Architects, Cloud and Security Engineers, Forensic Analysts, Critical Infrastructure Operators, Public Authorities, Financial Institutions, Industrial Operators
Series: SOURCE 0 Doctrine Series
[AI-SNIPPET]
Evidence-based governance and proof-based governance are structurally distinct categories with different evidentiary consequences under adversarial conditions. Evidence-based governance produces traceable documentation of what an AI system did, who authorised it, and what controls were in place, assembled after the fact by parties who already know the outcome. Proof-based governance produces independently fixed, cryptographically sealed, legally opposable artefacts of what the governance state was before the system acted, captured before any outcome was known, by a mechanism structurally independent of the operator. The first satisfies the documentation expectations of internal audit; the second satisfies the evidentiary burden of regulatory enforcement, litigation, and insurance proceedings. The distinction is not a matter of degree; it is the difference between an assertion and a proof.
[/AI-SNIPPET]
1 - THE GOVERNANCE DOCUMENTATION MARKET AND ITS STRUCTURAL LIMIT
A significant market has developed around AI governance documentation. Law firms, consulting practices, technology vendors, and specialist advisory firms offer frameworks, methodologies, and toolsets designed to help organisations produce traceable evidence of AI governance. The terminology varies, evidence architecture, governance engineering, compliance operationalisation, control mapping, but the structural logic is consistent: take the organisation's existing governance framework, make it more traceable, connect it to recognised regulatory standards, and produce a documented chain that can be presented to regulators, courts, insurers, and boards when demanded.
This market exists because a real problem exists. Organisations deploying AI systems under the AI Act, Regulation (EU) 2024/1689, DORA, Regulation (EU) 2022/2554, and NIS 2, Directive (EU) 2022/2555, face genuine governance documentation obligations. The AI Act requires technical documentation, conformity assessments, and post-market monitoring records. DORA requires ICT risk governance documentation with audit trails. NIS 2 requires cybersecurity governance records and imposes personal management body liability under Article 20 for governance failures. Post-market monitoring under Article 72 of the AI Act is an obligation that regulators expect and assess in cooperative contexts; it does not constitute proof of prior governance state under adversarial conditions. The two contexts impose different evidentiary standards, and the distinction between them is the distinction this article addresses.
The structural limit of this market is not that it fails to produce documentation. It is that documentation, however well-structured and however faithfully connected to regulatory frameworks, is not proof under adversarial conditions.
2 - WHAT RECONSTRUCTION IS AND WHAT IT CANNOT ESTABLISH
The dominant value proposition of AI governance advisory services is the ability to reconstruct what an AI system did: who authorised the action, what controls were in place, what the system configuration was, what the model version was, and what happened when something went wrong. Reconstruction is a forensically useful capability. It is not proof of prior governance state, and the distinction is structural and irreversible.
Reconstruction assembles a narrative of past events from records produced after those events occurred, by parties who already know the outcome of the events they describe. In contested cases, regulatory investigation, litigation, insurance claim, those parties already know their interest in the narrative the records support. This does not mean the records are false; it means they carry a structural vulnerability that reconstruction cannot eliminate: under adversarial procedure, an opposing party may establish that the organisation held the technical and organisational capacity to produce, select, or structure the records it presents. That demonstration does not require proof of falsification, only proof of capacity, and capacity is demonstrated by the fact that the records were produced by the party asserting them. Whether a specific tribunal accepts or rejects this challenge depends on the applicable procedural rules; the structural vulnerability exists regardless of the outcome in any individual proceeding.
This is the Post-Execution Fallacy, already examined in prior articles of this corpus, operating at the level of governance frameworks: the assumption that governance can be established by reconstructing evidence of what occurred, rather than by fixing evidence of what was authorised before it occurred. No reconstruction exercise, however technically rigorous, can establish what the governance state was at T-0, the moment before an autonomous system acted, if that state was not independently fixed before T-0. What reconstruction produces is a description of the past; what proof requires is a record that preceded it.
3 - THE ENDOGENOUS AUDIT PARADOX IN GOVERNANCE ADVISORY
The governance documentation market faces a version of the Endogenous Audit Paradox, already established in this corpus, distinct from but structurally related to the paradox affecting internal audit functions. Applied to governance advisory, the paradox operates as follows: a governance framework produced by advisors mandated by the operator, structured around the operator's systems, and delivered as documentation within the operator-advisor relationship is not structurally independent of the operator. The advisor produces the framework; the operator uses it; the records the framework generates are produced by the operator's systems under the operator's control. The advisory relationship does not create structural independence between the operator and the evidentiary record.
Under normal regulatory conditions, this does not matter, since regulators reviewing governance documentation in a cooperative context assess whether the documentation is adequate, coherent, and connected to recognised frameworks, without scrutinising its structural origin. Under adversarial conditions, enforcement proceedings initiated under Article 99 of the AI Act, supervisory investigation under Article 17 of DORA, or litigation involving personal management liability under Article 20 of NIS 2, the structural origin of the documentation becomes central. The opposing party will ask who produced the record, when, whether the producing party knew the outcome of the events it describes, and whether that party had an interest in the narrative the record supports. For documentation produced within a governance advisory relationship, the answers are that the operator's advisors produced it, after the relevant events, with knowledge of the outcome that triggered the investigation, and with a professional interest in demonstrating that the governance framework they designed was adequate.
This is not a criticism of governance advisory as a practice, nor of the competence of the advisors who produce it. The limitation identified here is a function of position, not of quality: advisory frameworks occupy a structural evidentiary position that is operator-adjacent by design, and that position has consequences under adversarial conditions that no improvement in quality can alter. That position is documentation, not proof, and documentation, under the enforcement conditions Article 99 creates, is the starting point of the regulator's case, not the foundation of the operator's defence.
4 - THE STRUCTURAL DISTINCTION: WHAT PROOF-BASED GOVERNANCE REQUIRES
Proof-based governance is not a more rigorous version of evidence-based governance. It is a different category of evidentiary activity, operating on a different temporal logic and requiring a different architectural foundation. Evidence-based governance assembles documentation after the fact; proof-based governance fixes an artefact before the fact. The reversal is not a procedural detail; it is the structural condition determining whether the resulting artefact can survive adversarial challenge.
An artefact fixed before an autonomous system acts, before any outcome is known and before any interest in contesting that outcome exists, is not contestable on the ground that it was produced by a party with knowledge of and interest in the outcome, because it predates the outcome and the interest. Its integrity does not depend on the good faith of the party who produced it, since it was fixed in a state that party cannot alter after fixation. This is the structural property distinguishing proof from documentation: proof is independent of the contestation it is meant to resolve, because it preceded the contestation.
Three conditions must converge for an artefact to satisfy this property. The governance state must be fixed at T-0, before execution rather than reconstructed after it. The capture mechanism must satisfy S ∩ C = ∅, structurally independent of the operator, with no intersection between the operating system and the capture layer that would allow the operator to influence the attestation record. The resulting artefact must be legally opposable, independently verifiable without reliance on the operator's cooperation, procedurally anchored through a chain of custody that does not depend on the operator's systems, and recognised across the relevant jurisdictions.
None of these conditions can be satisfied by a governance advisory framework, however technically sophisticated, because advisory frameworks are operator-mandated, operator-facing, and operator-delivered, operating within the operator's control boundary by design. The structural independence proof requires is architectural, not organisational; it cannot be achieved by adding an independent advisor to an operator-controlled process. It requires a capture mechanism operating outside the operator's control boundary entirely, before the system acts, in a state the operator cannot reach after fixation. In technical implementation, this boundary is enforced at the hardware layer through Trusted Execution Environments, specifically Intel TDX and AMD SEV-SNP, providing cryptographic isolation of the attestation process from the operator's software and hypervisor stack.
5 - THE ENFORCEMENT BOUNDARY AND WHAT IT WILL EXPOSE
The obligations applicable to high-risk systems under Annex III of the AI Act were, as of the drafting of this article, scheduled to enter into full application on 2 August 2026. A provisional political agreement reached between the Council and the European Parliament in May 2026, within the Digital Omnibus package and approved by the European Parliament on 16 June 2026, provides for postponing these obligations to 2 December 2027, pending formal adoption by the Council and publication in the Official Journal. Article 99 of the AI Act imposes sanctions reaching thirty-five million euros or seven percent of global annual turnover for infringements of the prohibited practices of Article 5, fifteen million euros or three percent for other high-risk system failures, and seven and a half million euros or one percent for the provision of incorrect information to supervisory authorities. Article 20 of NIS 2 imposes personal management body liability for cybersecurity governance failures. Article 17 of DORA requires financial entities to demonstrate ICT risk governance with audit trails that supervisory authorities can independently verify, not audit trails that the entity can produce on demand from its own systems.
Whichever date ultimately governs the full application of the Annex III regime, the enforcement proceedings these frameworks generate will impose the adversarial conditions under which the distinction between evidence-based governance and proof-based governance becomes operative. A regulator conducting an Article 99 enforcement investigation will not assess whether the organisation has a well-structured governance framework. It will assess whether the organisation can demonstrate that compliant governance conditions existed before the autonomous system acted on the specific decision under scrutiny, a demonstration requiring evidence fixed before T-0, independently of the operator, in a form that does not depend on the operator's cooperation to verify.
Organisations that have invested in governance documentation frameworks will enter these proceedings with documentation. Documentation establishes what the organisation claims its governance state was; it does not establish what the governance state verifiably was, independently of the organisation's claims, at the moment the system acted. That is the evidentiary gap that enforcement proceedings will expose, not because the documentation is inadequate, but because documentation, by its structural nature, cannot occupy the evidentiary position that proof occupies. The organisations that will hold proof in these proceedings are those that established an independent T-0 capture architecture before deployment, not those that assembled the best post-deployment documentation of what their governance framework contained.
CONCLUSION
The ability to reconstruct what an AI system did is a forensic capability. The ability to prove what was authorised before it did it is an architectural one. These are not the same capability at different levels of maturity; they are different categories of evidentiary activity with different structural consequences under adversarial conditions. Enforcement proceedings do not assess governance maturity. They assess proof, and proof of the governance state that preceded autonomous execution cannot be produced after that execution by the party whose governance is under scrutiny. What can be produced after the fact is documentation of what that party claims the governance state was. The two are not the same artefact, and enforcement proceedings will treat them accordingly.
CLOSING AXIOM
The law does not require material truth. It requires proof of diligence. SOURCE 0 seals that diligence.
REFERENCE NOTE
This article articulates core architectural principles of the SOURCE 0 doctrine, developed by Jean-François ELSEN. The evidentiary architecture described, including SHA-256 FIPS 180-4 fixation, RFC 8785 canonicalisation, dual-QTSP RFC 3161 timestamping under eIDAS 2, Intel TDX and AMD SEV-SNP Trusted Execution Environments, and huissier de justice judicial escrow establishing date certaine under Belgian law, constitutes the technical and legal implementation of the principles set out above. The Brussels I bis Regulation, Regulation (EU) No 1215/2012, provides the EU-wide legal recognition framework for artefacts fixed under this architecture; extra-Belgian recognition is assessed case by case and never presumed automatic. The application date for the Annex III high-risk obligations of the AI Act has been corrected to reflect the provisional postponement to 2 December 2027, approved by the European Parliament on 16 June 2026, already established in a prior article of this corpus. SOURCE 0 is a registered trademark, BOIP/OBPI No. 1548293, Benelux.
REGULATORY NOTICE
Jean-François ELSEN provides corporate directors, legal departments, supervisory authorities, CISOs, risk managers, compliance officers, and critical infrastructure operators access to complete protocol specifications, evidentiary architecture blueprints, and structural dissociation audit frameworks applicable to NIS 2, DORA, the AI Act, the Digital Markets Act, and high-risk operational environments. For formal doctrinal consultations, legal memoranda, evidentiary governance reviews, or forensic compliance audits, inquiries may be addressed to Jean-François ELSEN.

