Open Framework · CC BY 4.0 · Est. Sweden 2025

Controlled AI
delegation, defined.

The Verkflöde Agent Operating Model. An open framework for structuring AI decision authority in enterprise workflows.

Delegation-First Architecture-Backed Compliance-Credible
Try Delegation Lab Read the whitepaper
L3 Decision Gate
LIVE
Task
RefINV-2026-0412
Vendor invoice€3,200.00
3-way PO matchEXACT
Contract termsUNCHANGED
Anomaly score0.03
Composite confidence 0.00/ 1.00
LOWMEDIUMHIGH
Authority
BandA · ≤€5k AP
Role ownerap-controller@ent.eu
Routing
AUTO-EXECUTE · POST TO ERP
VAOM L3Decision GateAudit: Full14:02:37 CET
Worked example · AP invoice approval → §6 Matrix

The Problem

Governance tells you what is allowed. It rarely tells you what the agent can do.

Enterprise AI has moved from experimentation to operational delegation.

AI agents now influence financial approvals, contract decisions, HR processes, compliance monitoring, and customer operations. Most governance frameworks define what AI is allowed to do in principle. Few define how AI systems exercise decision authority within live workflows.

That gap is where incidents happen. VAOM closes it.

01Policy permits AI-assisted approval for low-risk invoices.
02Agent reads an invoice, produces a draft with confidence 0.76.
03Policy is silent on what counts as confident enough to post.
04Implementation defaults. An approval is posted.
05Six weeks later, audit asks: who decided 0.76 was enough?

The Framework

A practical operating model for enterprise AI delegation.

VAOM sits between governance intent and operational execution. It translates policy into structured delegation boundaries, confidence thresholds, escalation logic, and audit traceability.

Seven-layer architecture. Six delegation patterns. Composite confidence scoring. Delegation bands with explicit no-automation zones. Model drift management. Regulatory mapping to the EU AI Act, DORA, NIS2, NIST AI RMF, and ISO 42001.

Not a product. Not a platform. A framework any organisation can adopt, adapt, and build on.

Control layers
0
From trigger and intake through governance and human oversight.
Delegation patterns
0
Observe, assist, recommend, review, act, and exception.
Regulatory mapping
GDPR · DORA
NIS2 · AI Act
Plus NIST AI RMF and ISO 42001.
Licence
CC BY 4.0
Open Framework
Adopt, adapt, attribute. No gatekeeping.

Interactive

Learn VAOM by running it.

An interactive browser experience that teaches VAOM through play. Three rounds. Four scenarios. Calibration anti-patterns surfaced in real time as you delegate.

3rounds 4scenarios 0signup
Try Delegation Lab at verkflode.eu

Principles

Six principles that hold the framework together.

The principles are not aspirational. They are the load-bearing constraints that make VAOM a framework and not a checklist.

01
Controlled delegation over blind automation.
Automate only when both statistical confidence and organisational policy permit. Otherwise, route to humans.
02
Confidence informs authority, it does not define it.
High model certainty never grants execution rights. Authority is an independent gate, owned by the organisation, not the model.
03
Architecture before acceleration.
Define delegation boundaries and evidence requirements before deploying agent capabilities. Speed without structure is how incidents compound.
04
Compliance as structural outcome.
EU AI Act, DORA, NIS2, GDPR. None of these are bolted on. They are embedded in the layer model so evidence is a byproduct of operation, not a separate artefact assembled after the fact.
05
Human accountability preserved.
A named role owns the outcome. Every override is logged with the same immutability as the agent actions it overrides.
06
Versioned learning under change control.
Every threshold change, knowledge update, or behaviour shift is versioned, tested, approved, auditable. Continuous learning does not mean continuous drift.

Delegation Authority Matrix

Worked example: vendor invoice approval.

Every AI decision explicit, auditable, and owned by a named human.

Scenario High confidence Medium confidence Low confidence
Auto-execute Human review Escalate Non-delegable

Delegation Patterns

Six patterns. Increasing autonomy. Never unbounded.

P1Autonomy 0.10

Observe

Agent ingests, classifies, logs. No proposals. No actions. Establishes data quality and detection baselines.

P2Autonomy 0.25

Assist

Agent annotates human work with retrieval, summaries, suggested fields. Human remains the actor and the accountable role.

P3Autonomy 0.45

Recommend

Agent produces a ranked draft decision with rationale and confidence. Human accepts, edits, or rejects. Full trace retained.

P4Autonomy 0.65

Review

Agent acts within policy, posts to a review queue. Action is reversible within a defined window. Sampling audit applies.

P5Autonomy 0.85

Act

Agent executes inside a delegation band, high confidence required. Human reviews exceptions, drift, and calibration history.

P6Autonomy — exception

Exception

Non-delegable decision. Routed to a named human role. Agent may prepare the brief, never post the outcome.

Whitepaper

Read the VAOM v3.5 whitepaper.

Full specification. Six principles, seven layers, worked examples for invoice approval, complaint escalation, AML triage, and HR policy assessment. Ninety-day implementation roadmap.

Version 3.52026CC BY 4.0
Read online Download PDF

Who maintains VAOM

Verkflöde AB.

Verkflöde AB is a Swedish company that maintains the VAOM framework as an open specification under CC BY 4.0.

The framework draws on two decades of practice in enterprise technology, learning systems, and AI governance. It reflects hard-won lessons from regulated sectors where accountability is not optional.

Verkflöde publishes VAOM, updates it, and engages selectively on framework reviews, workshops, and speaking invitations.

FoundedSweden, 2025
RegisteredSweden, 559538-5708
LicenceVAOM released under CC BY 4.0

Get in touch

Questions, feedback, collaboration.

For framework questions, feedback, speaking invitations, or collaboration.

Emailhello@verkflode.com
LinkedInVerkflöde AB