Trust, acceptance, approval. Can the system be allowed in?
Why it matters
Without the hallmark, no enterprise buyer touches it. L3 is the slowest moat to build and the hardest to replicate.
The Hallmark & Assay Office
Before gold enters the market, the assay office verifies purity and the hallmark guarantees quality. In AI: compliance, evals, safety, editorial taste, and distribution control are the gates. Without the hallmark, no enterprise, and no app store, lets you in.
The 5 sublayers
L3a
Compliance & Export Controls
Regulatory, legal, and policy filters (HIPAA, GDPR, SOC 2, EU AI Act), plus chip export controls, model sovereignty, and data-residency regimes that decide where the stack is allowed to run
Harmful-content filtering, adversarial defense, prompt-injection protection, and content provenance (C2PA, watermarking, deepfake attestation) that proves what was generated and by whom
L3d
Editorial Gates
Tone, brand voice, style, taste: the human judgment layer
L3e
Distribution Gates
App store approval, ranking, marketplace curation, discovery control
Layer diagnostic card · SCOI v1
Is a company really at L3?
Trust, acceptance, and approval: the gates a buyer or regulator must pass before the system is allowed in.
Inclusion tests · include if ALL
Owns compliance posture (SOC 2, HIPAA, EU AI Act, FedRAMP) as a product, not a checkbox.
Sells the right to be trusted: evals, audits, attestations, editorial review, distribution approval.
Buyer's procurement team is the actual user.
Exclusion tests · exclude if ANY
Treats compliance as a one-time signup. Real L3 is a continuous posture.
'Responsible AI' marketing with no audit trail or third-party attestation.
An eval framework that is not enforced as a gate in any real workflow.
The L3 removal test
Remove L3 and the product cannot enter the buyer (enterprise, hospital, court, app store). The output may be correct; it still cannot ship.
Economic work this layer does
Converts model output into outputs an institution is willing to take legal and reputational responsibility for.
Canonical examples
Vanta / Drata
Continuous compliance posture sold as a product. Pure L3 fortress.
Harvey
L3 (privilege, audit, legal-grade evals) is half the moat, not just L5 execution.
Apple App Store
Distribution gate, the canonical L3e. Owning the gate owns the market.
Anti-examples · look-alikes that fail
Generic 'AI safety' eval startups
Evals that no buyer enforces. L3 in form, not in function.
Most chatbot 'guardrails'
Prompt-level filters. Not an attestation, not a gate.
RAI consulting decks
Advice without enforcement. L3 only if it ends in an audit signature.