The National AI Governance Playbook · Part II · Chapter 5
The full policy and regulatory chain
A principle binds only when it reaches a control a deployed system must pass. This chapter sets out the six links of the policy and regulatory chain that carry it there, locates the two regimes' instruments along the chain, and gives completeness a working test: the chain can be walked in both directions.
By Myriam Ayada · MindXO · July 2026
In brief
A principle binds only when it survives translation into a control a deployed system must pass. Between the two run six links: the principle, the designed policy, the binding instrument, the regulatory rulebook, the referenced standard with its assurance scheme, and the operational control with its evidence. Each link has an owner, an instrument and a kind of force, and the two regimes of Chapter 4 occupy different links: the usage-based regime holds the instrument and the rulebook, the safety and security regime holds the standard and the control. A complete design is one whose chain can be walked in both directions, down from any principle to the controls that enforce it, and up from any control to the principle that requires it.
Why the chain matters
Governments write principles; deployed systems run controls. Everything in between is translation, and each step of that translation is performed by a different institution using a different instrument. A national strategy declares that AI must be safe and accountable. What a bank operates, three years later, is a model inventory, a testing schedule and an escalation procedure. The distance between those two artefacts is not rhetoric; it is a sequence of documents, each converting the one above it into something a narrower audience can act on.
Chapter 2 examined the states a governance program passes through, and Chapter 4 grouped the machinery into two regimes. This chapter follows a single thread down the whole length of the system: the chain of instruments that connects a principle at the top to a control at the bottom. It matters because the chain is where designs actually fail. Programs rarely lack principles, and organisations rarely lack controls. What breaks is the middle: laws no rulebook translates, rulebooks that cite no standard, controls whose evidence never travels back up.
The six links
Six links recur in every jurisdiction, whatever the legal tradition. The names of the instruments vary; the sequence does not.
L1. Principle: what the country stands for
Owner: cabinet, through the national strategy. Instrument: the strategy itself, and the international principles it adopts (Chapter 1). Force: declaratory. It obliges no one, and it legitimises everything below it.
L2. Designed policy: what the principle means in practice
Owner: the design stage of Chapter 2, wherever the jurisdiction houses it. Instrument: a white paper, an impact assessment, a designed policy with scope, roles and funding. Force: administrative. It commits the government's intent without yet binding anyone outside it.
L3. Binding instrument: what makes it law
Owner: the legislature or the executive, depending on the vehicle. Instrument: a statute, a decree, targeted amendments or an existing statutory plan; Chapter 8 chooses among them. Force: legal and general. From this link down, obligations exist.
L4. Regulatory rulebook: what a sector must do
Owner: the sector regulators of the usage-based regime. Instrument: rules, supervisory guidance and licence conditions, written in each sector's terms. Force: legal and specific. This is where an obligation acquires a supervisor, an inspection and a sanction.
L5. Standard and assurance: how compliance is demonstrated
Owner: the standards body and the accreditation authority of the safety and security regime. Instrument: the referenced standards and the assurance schemes accredited against them. Force: technical, by reference. It binds only when a rulebook or contract cites it, and then it binds precisely.
L6. Control and evidence: what a deployed system must pass
Owner: deployers, verified by assessors and read by supervisors. Instrument: the controls themselves: tests, thresholds, documentation, monitoring. Force: operational. Its product is evidence, and the evidence is what travels back up the chain.
Sheet 05 of 13, the chain and where the regimes sit on it: six links from principle to control, each with its owner, instrument and force. The binding instrument and the rulebook carry the usage-based regime; the standard and the control carry the safety and security regime. The rulebook citing the standard is where the two regimes meet, the interface of Chapter 4. Read down, the chain answers how a principle is enforced; read up, why a control exists.
Where the two regimes sit on the chain
Laid along the chain, the two regimes of Chapter 4 stop being an abstraction. The usage-based regime occupies links three and four: it is the law that creates obligations and the rulebooks that make them specific, written and enforced sector by sector. The safety and security regime occupies links five and six: the standards that define what safe and secure mean, the schemes that assure them, and the evidence that deployed systems produce. It also reaches upward, since the evaluation capability informs the designed policy at link two with evidence about what models can do.
The interface between the regimes, the load-bearing joint of Chapter 4, appears on the chain as something concrete: a citation. When a rulebook at link four cites a standard at link five, the sector regulator borrows the technical regime's definitions and its assurance market instead of inventing both. Regulation (EU) 2024/1689 works exactly this way: the AI Act states obligations, a standardisation request tasks CEN-CENELEC with the harmonised standards that give them technical content, and conformity assessment by notified bodies closes the loop to the CE marking. The United Kingdom reaches a similar joint without a statute, through regulator guidance that leans on a government-fostered assurance ecosystem. Singapore wrote the chain sector-first: the FEAT principles became supervisory expectations, and AI Verify supplies the testing that evidences them.
Traceability, in both directions
The test of a complete chain is that it can be walked both ways. Downward, from any principle: which instrument binds it, which rulebook applies it, which standard defines it, which control evidences it. Upward, from any control: which rule requires it, under which law, in service of which principle. The downward walk answers how a commitment is enforced. The upward walk answers why a control exists, and it is the walk auditors, courts and boards actually take.
Walked this way, the symptoms of Chapter 2 acquire an address. An undated international commitment is a break between links one and three: a principle with no binding carrier. An overlapping mandate is two owners claiming the same link. A rulebook that demands safety without citing any standard is a break between links four and five, and it quietly delegates the meaning of safety to every firm and every assessor separately. Evidence that is produced but never read is a break at link six, where the chain fails to close. Locating a gap on the chain converts a general unease about implementation into a named document that is missing, with an owner who can be asked to produce it.
Common failure mode. Law without a rulebook, rulebook without a reference. The two middle breaks do the most damage. A statute passes and nothing changes on the ground, because no regulator has translated it into rules a firm can follow; the law is real but unenforceable in practice. Or the rulebooks exist but cite no shared standard, so each sector, each firm and each assessor construes safety in its own terms, and the assurance market fragments into private vocabularies. Both breaks are invisible at strategy stage and expensive at audit stage.
What the chain settles
- Completeness has a definition. A governance program is complete when every principle it declares reaches at least one control, through named instruments with owners and dates. Anything less is a chain with missing links, however polished the strategy.
- The citation is a design decision. Which standards the rulebooks cite, and how uniformly, decides whether the safety and security regime is used once or reinvented per sector; Chapter 6 treats it as the coherence question.
- Evidence must have a return path. Link six produces the only proof the system generates. Who reads it, at what cadence, and what it can trigger belongs to the measurement design of Chapter 12.
- The vehicle question is scoped. Only link three is about choosing a legal vehicle. Treating the whole chain as a legislation problem overloads the statute; Chapter 8 sizes the instrument to the link.
The chain closes Part II. The architecture now has its two regimes, their interface, and the instruments that carry both from principle to control. Part III turns to the design phase itself: Chapter 6 opens the five questions that allocate the links to institutions, beginning with the question every other one depends on, who does what.
Three questions for every government
- For each principle the strategy declares, which binding instrument, rulebook and control carry it, and can the walk be made in both directions?
- Where do the sectoral rulebooks cite the shared standards and assurance schemes, and where do they define safety in their own terms?
- Which links of the chain have a named owner and a date, and which exist so far only as intent?
Selected public sources
- Regulation (EU) 2024/1689 (AI Act), European Union, 2024
- Standardisation request to CEN-CENELEC in support of safe and trustworthy AI, European Commission, 2023
- A pro-innovation approach to AI regulation, white paper and government response, United Kingdom, 2023 and 2024
- Introduction to AI assurance, UK Department for Science, Innovation and Technology, 2024
- FEAT Principles, Monetary Authority of Singapore, 2018
- AI Verify, IMDA and AI Verify Foundation, Singapore, 2022
- ISO/IEC 42001, AI management systems, ISO/IEC, 2023
- AI Risk Management Framework and Generative AI Profile, NIST, 2023 and 2024