Methodology. Issued, not interpreted.

kn0w is the AI Accountability Audit. The Audit is the founding act of issuance, producing a signed Opinion under the kn0w hallmark. The Opinion is benchmarked against a peer dataset no existing firm is structurally permitted to hold.

01 — The convergent question

Every regulator in scope has chosen the same posture.

Australian Securities and Investments Commission REP 798 · Beware the gap: Governance arrangements in the face of AI innovation

"Governance arrangements were often lagging the adoption of the technology … Of particular concern, there was a heavy reliance on existing governance frameworks that were not updated to address the new risks created by AI."

asic.gov.au · REP 798 · 29 October 2024

Every regulator in scope of this methodology has chosen the same posture: existing technology-neutral law applies to AI without modification. Accountability is named at senior individual level. Documentation is the evidentiary bar.

And across every framework, automated decision-making is the cross-cutting choke point — the question every regulator asks is the same: when an algorithm makes or substantially shapes a decision about an individual, what evidence does the firm hold that the decision was contestable, explicable, and non-discriminatory?

kn0w is structurally an institutional issuer — the same kind of institution as a credit rating agency, a financial audit firm, or a certification body — adapted for the AI governance question regulated companies now have to answer.

02 — The instrument

Six dimensions. Two channels.

The kn0w Audit measures AI accountability posture across six dimensions. Each dimension is measured through two channels.

Written intake carries the factual and quantitative half of the instrument. The CEO completes a two-stage company intake before the engagement begins; each function head completes a structured pre-session questionnaire before their voice session.

Voice carries the perception and judgement half. Seven sessions follow the written intake — Session 0 with the CEO and Sessions 1 through 6 with the heads of Technology, Compliance & Risk, Operations, Finance, Growth & Revenue, and Customer Success. Sessions run within regional infrastructure, end-to-end.

The split between channels is structural. Each issued Opinion is reviewed under the kn0w hallmark and stamped with the four-part identifier; authorising principals attest to the methodology under which it issues. The same six dimensions are measured by the founding act of issuance, by every Annual Statement, by every Quarterly Review, and by every member-commissioned re-Audit.

D · 01
Workflow Automation Rate
The proportion of a function's core workflows that run with an AI or automation component rather than manual execution.
D · 02
AI Tool Deployment
The breadth, category, and deliberateness of AI tooling running in production across each function.
D · 03
AI Literacy
The capability of each function to evaluate AI tools critically, identify failure modes, and make informed decisions about AI adoption.
D · 04
Governance & Oversight
The documented policies, accountability ownership, testing regime, and incident response governing AI use across the organisation.
D · 05
AI Investment Time
The weekly hours of leadership and function-head attention actually spent directing, evaluating, or overseeing AI.
D · 06
Outcome Tracking
The systematic measurement of AI outputs, errors, cost, and business impact.
03 — Dimensional parallelism

The CEO Visibility Gap.

The audit measures each of the six dimensions twice, from two perspectives — a structural device this methodology calls dimensional parallelism. Session 0 captures the CEO's perception across all six dimensions at company-wide level. Sessions 1 through 6 capture function-head reporting of actual practice across the same six dimensions.

The two sets of readings are parallel by construction — every Session 0 dimension question has a corresponding Sessions 1–6 counterpart measuring the same construct.

The difference is reported as the CEO Visibility Gap per dimension — the signed delta between CEO perception and function-head actual reading, weighted by function headcount.
Methodology · §03 · Dimensional parallelism
CEO Visibility Gap · per dimension
CEO perceptionFunction reality
D · 01 Workflow Automation
+16
D · 02 AI Tool Deployment
+15
D · 03 AI Literacy
+23
D · 04 Governance & Oversight
−5
D · 05 AI Investment Time
+22
D · 06 Outcome Tracking
+8
kn0w · Illustrative readingSample figures · not a benchmark

A positive gap indicates CEO perception exceeds function-head reported practice; a negative gap indicates the reverse. The Gap is reported on every operative artefact — the founding Opinion, every Annual Statement, and every Quarterly Review. Each Annual Statement is issued as a fresh absolute reading at the institutional anniversary, under the same hallmark, signature, and methodology as the Opinion.

04 — Peer dataset

Benchmarked against companies no existing firm is structurally permitted to hold.

Every audit contributes to a peer dataset held in regional AWS boundaries — Sydney for Australian engagements, London for UK engagements. Standing is required for the Opinion to be benchmarked.

The dataset is structured along three cohort axes: sector (FinTech or HealthTech), jurisdiction (Australia or United Kingdom), and staff band (50–100, 101–150, 151–200 — the primary cohort, 50–200 staff; a secondary band at 201–500 is captured but resolves only when it independently reaches the k=5 floor).

The dataset operates at a k-anonymity floor of k=5 from the first audit. Every percentile query resolves against at least five peer companies in the matching cohort, or it does not resolve. In the early operating period — before every cohort reaches k=5 — some queries return insufficient peer data in your cohort rather than a percentile. The dataset refreshes quarterly.

k=5
Anonymity floor from the first audit; queries below this threshold do not resolve
2
Regional AWS boundaries — Sydney ap-southeast-2, London eu-west-2
2
Sectors in primary scope — FinTech and HealthTech
Quarterly
Dataset refresh cadence across every cohort axis
05 — Bias mitigation

Two bias risks. Three structural controls.

Every audit instrument is exposed to two bias risks: respondents anchoring their answers toward what a good organisation would report, and respondents drifting between cycles in ways that create artificial consistency. A fourth control — dimensional parallelism — is also a bias control and is covered in §03 above.

01
The Elicitation Principle
Every perception question is tested against one rule before it enters the instrument: does the phrasing, scale, or framing signal what a good organisation would answer? If yes, the question is rewritten and re-tested.
02
Two-channel architecture
The split between written and voice is itself a bias control. Factual and quantitative questions are delivered in writing; perception and judgement questions are delivered in voice. A factual question delivered in voice invites estimation; a perception question delivered in writing invites the polished answer the rule is designed to defeat. The split is structural.
03
Six longitudinal controls
Applied to every Quarterly Review and every Annual Statement.
Temporal anchoring · Behavioural specificity · Randomised question order · Anchor question consistency · Social desirability framing · Longitudinal respondent consistency
06 — Regulatory mapping

Eleven frameworks. Routed to dimensions through primary text.

The Audit produces readings that can be submitted as evidence against named regulatory frameworks. Mapping is explicit, not interpretive — every framework in scope routes to specific dimensions through specific instrument questions, anchored to primary regulatory text.

Eleven frameworks are in primary scope. Members are routed to frameworks by sector × jurisdiction at intake.

app.kn0w.co / methodology / mapping
Regulatory Mapping · Primary Scope
In scope
Routed by sector × jurisdiction
Frameworks anchored to primary regulatory text
Frameworks
11
FrameworkAnchorStatus
APRA FARs21(1)(c)/(d) reasonable-steps test, operationalised by APRA's 30 April 2026 Letter to Industry on AIIn force
APRA CPS 230Operational risk management, paragraph 51 MSP registerIn force · 1 Jul 2025
ASIC s912AEfficiently, honestly and fairly, anchored by REP 798 (29 October 2024)In force
FCA SM&CRSenior Managers reasonable-steps test, SoR-by-SoR allocationIn force
FCA Consumer DutyPrinciple 12 outcomes test, FCA April 2024 AI UpdateIn force
FCA SYSC 15AOperational resilience, written self-assessment, governing-body approvalIn force
TGA SaMDTherapeutic Goods Act 1989, AI-enabled software as a medical deviceIn force
MHRA SaMDMedical Devices Regulations 2002, AI Airlock regulatory sandboxIn force
Privacy Act 1988APP 1.7–1.9 ADM transparency (Privacy and Other Legislation Amendment Act 2024)Commences 10 Dec 2026
UK GDPR / DUAA Art 22A–DSafeguards-operational test for solely-automated significant decisionsIn force · 5 Feb 2026
Equality Act 2010Section 19 indirect discrimination, provision, criterion or practiceIn force
kn0w · Regulatory mappingMapping is explicit, not interpretive

Most frameworks route primarily through governance and oversight — accountability is overwhelmingly named at senior individual level across the AU and UK regimes. Two frameworks route differently. The Equality Act 2010 and FCA Consumer Duty both route primarily through outcome tracking, because the section 19 indirect-discrimination test and the Consumer Duty good-outcomes test are fundamentally outcome tests on protected groups and retail customers respectively. The TGA framework routes through governance and AI tool deployment as co-primary, because the regulator's evidentiary frame demands model-level disclosure of training data, statistical methodology, and demographic representation.

Routing posture

The methodology routes each regulator’s question to the dimensions that match the regulator’s actual evidentiary demand, rather than forcing every framework to a single canonical routing. Mapping distinguishes obligations that are in force, regulator commentary signalling intent (thematic reviews, sandbox findings, speeches), and consulted-but-not-yet-in-force proposals. Each obligation routed in an Opinion is stamped with its status. The audit does not treat soft signal as hard rule.

Frameworks not currently in scope are tracked against documented promotion triggers — for example, a regulator publishing AI-specific guidance, or a public enforcement action turning materially on AI-driven evidence. Members operating into EU markets are subject to the EU AI Act in addition to the AU and UK frameworks; the Opinion names which evidentiary basis each finding supports.

The convergent question

Every routing in this methodology terminates in the convergent question named at the top of this page: when an algorithm makes or substantially shapes a decision about an individual, what evidence does the firm hold? The audit measures what evidence the member holds against it.

07 — Discipline

What we verify. Where data lives. What this is not.

The boundary conditions of the instrument. Each Opinion carries these three sections verbatim near the end of the document; the marketing page describes them once.

§06 · Verification Status
Every regulatory claim is traced, corroborated, or flagged.

Every issued artefact carries a Verification Status section near the end of the Opinion document. Every regulatory claim in the Opinion is traced to a primary source, corroborated by secondary where the primary was inaccessible, or flagged as interpretation where the primary source is silent.

Internal integrity ledger · operational, not published
§07 · Data handling
Audit data is held in regional AWS boundaries.

Sydney (ap-southeast-2) for Australian engagements; London (eu-west-2) for UK engagements. Data does not cross regional boundaries. Anonymisation runs through a dedicated pipeline before any cohort query resolves.

  • Controller · KN0W PTE. LTD. (Singapore · UEN 202615303G)
  • Sub-processor · kn0w LLC (Wyoming)
  • Retention · standing plus twelve months
  • Session audio · deleted within thirty days
SOC 2 Type II · ISO 27001 · via Vanta · neither yet certified
§08 · Limitations
Not a rating. A reading.

The Audit is a fixed-scope instrument. It measures what the six dimensions describe, against the peer cohort the member falls into.

  • Does not assess the technical performance of specific AI models.
  • Does not issue legal advice.
  • Does not certify individual AI systems or tools.
  • Does not produce a risk register, policy library, or implementation plan.
Issued, then reissued · never amended in place

Point-in-time issuance

Every artefact kn0w issues is issued at a point in time. Neither the Opinion nor any Annual Statement is a continuous rating, and neither is amended to reflect the member's subsequent state. The lifecycle admits three distinct version-bumping events: amendment (defect-driven only), supersession by Annual Statement (calendar-cadence at the institutional anniversary), and member-commissioned re-Audit (member-triggered, off-cycle, following a material change event).

This is the same discipline that governs ratings agencies, audit firms, and certification bodies: an issued Opinion is the issuer's view at a moment, not a rolling guarantee.

08 — Engagement shape

One cycle. Identical for every member.

Standing follows a fixed annual cycle. The engagement shape is identical for every member.

The founding kn0w Audit combines written intake and seven voice sessions, and issues the Opinion. Three Quarterly Reviews at months 3, 6, and 9 are written-intake only — no voice. They produce indicative dimension movement against the operative artefact baseline; they never amend or supersede it. The Annual Statement at month 12 is a full re-engagement that issues under the same hallmark and supersedes the prior operative artefact.

Across a standing year, the member encounters written intake at every issuance event and voice sessions at the founding Audit and the Annual Statement.

4wk
kn0w Audit — founding engagement, written intake plus seven voice sessions
3
Quarterly Reviews — months 3, 6, 9, written-intake only
1
Annual Statement — month 12, supersedes the prior operative artefact
7
Voice sessions per founding Audit and per Annual Statement
09 — Issuance

Every Opinion is signed under the hallmark.

Every Opinion and every Annual Statement is issued under the kn0w hallmark, stamped with the four-part identifier: kn0w / NNNNNN / YYYY-MM-DD / vX.Y — the issuing party, the sequence number, the date of issue, and the artefact version.

The hallmark and the identifier together are the institutional signature; authorising principals attest to the methodology under which the artefact issues. The sequence number is shared across the member's institutional relationship: the same NNNNNN appears on the founding Opinion, on every Annual Statement that supersedes it, and on every member-commissioned re-Audit.

Founding Principal
on behalf of KN0W PTE. LTD.

Commission an opinion.

Fixed scope. Fixed price. One engagement. Four weeks. Issued as a signed Opinion under the kn0w hallmark.

Commission an Opinion →