# Skill: 91ff9448 - Regulatory Compliance Infrastructure **Version**: 1.0.0 **Skill ID**: 91ff9448 **Category**: Regulatory Framework **Last Updated**: 2025-01-10 --- ## 1. Description This skill defines requirements for establishing and maintaining a regulatory compliance infrastructure. The infrastructure must ensure that written rules have违约成本 (breach costs) that exceed benefits, while minimizing resource burden on non-regulatory personnel and external partners. Agents must validate that compliance systems meet these fundamental economic incentive requirements. ## 2. Input Data Structure ```yaml $schema: https://agentskills.io/schemas/compliance_infrastructure type: object properties: infrastructure_id: type: string pattern: ^[a-f0-9]{8}$ description: Unique identifier for this compliance infrastructure infrastructure_name: type: string description: Name of the compliance infrastructure required: true has_enforcement_mechanism: type: boolean description: Whether formal enforcement mechanisms exist required: true has_basic_systems: type: boolean description: Whether foundational systems and personnel are in place required: true has_oversight_personnel: type: boolean description: Whether dedicated oversight personnel are designated enforcement_cost_benefit_analysis: type: object properties: breach_cost_estimate: type: number description: Estimated cost of breaching the rules minimum: 0 benefit_estimate: type: number description: Estimated benefit from following the rules minimum: 0 cost_exceeds_benefit: type: boolean description: Whether breach costs exceed benefits required: true analysis_basis: type: string enum: [quantitative, qualitative, mixed] description: Basis of the analysis required: - cost_exceeds_benefit resource_burden_statement: type: object properties: internal_non_oversight_burden: type: string enum: [none, minimal, moderate, significant] description: Resource burden on non-oversight internal members external_partner_burden: type: string enum: [none, minimal, moderate, significant] description: Resource burden on external partners burden_mitigation_measures: type: array items: type: string description: Measures to reduce resource burden required: - internal_non_oversight_burden - external_partner_burden compliance_verification_methods: type: array items: type: string description: Methods used to verify compliance regulatory_framework_reference: type: string description: Reference to parent regulatory framework created_at: type: string format: date-time description: Timestamp of creation required: true last_updated: type: string format: date-time description: Timestamp of last update ``` ## 3. Output Data Structure ```yaml $schema: https://agentskills.io/schemas/compliance_validation_result type: object properties: decision: type: string enum: [COMPLIANT, IGNORE, CLARIFY] description: Compliance decision infrastructure_id: type: string pattern: ^[a-f0-9]{8}$ description: Reference to infrastructure being validated validation_status: type: string enum: [valid, invalid, conditional] description: Overall validation status cost_benefit_compliance: type: boolean description: Whether breach costs exceed benefits resource_burden_compliance: type: boolean description: Whether resource burden is minimized findings: type: array items: type: object properties: severity: type: string enum: [error, warning, info] category: type: string description: Category of finding description: type: string description: Detailed description recommendation: type: string description: Recommended action metadata: type: object properties: validated_by: type: string description: Agent ID that performed validation validated_at: type: string format: date-time description: Timestamp of validation applied_norms: type: array items: type: string description: List of skill IDs and versions applied ``` ## 4. Error Patterns (Auto-Detection) ### 4.1 Missing Cost-Benefit Analysis Pattern ``` Pattern: Compliance infrastructure without cost-benefit analysis Detection Rule: - Check if 'enforcement_cost_benefit_analysis' exists - Verify 'cost_exceeds_benefit' boolean is set - Confirm analysis has quantitative or qualitative basis Natural Language Detection: "This compliance infrastructure lacks a cost-benefit analysis showing that breach costs exceed benefits. Please provide quantitative or qualitative evidence that violating rules is more costly than following them." Response: CLARIFY ``` ### 4.2 Excessive Resource Burden Pattern ``` Pattern: Infrastructure imposes significant burden on non-regulatory personnel Detection Rule: - Check 'resource_burden_statement.internal_non_oversight_burden' - Flag if status is 'significant' without mitigation measures - Check 'external_party_burden' for excessive requirements Natural Language Detection: "This infrastructure imposes significant resource burden on personnel not involved in oversight. Please provide mitigation measures or demonstrate why the burden is necessary." Response: CLARIFY ``` ### 4.3 Missing Enforcement Mechanism Pattern ``` Pattern: Infrastructure without formal enforcement capability Detection Rule: - Verify 'has_enforcement_mechanism' is true - Check if compliance_verification_methods are defined - Validate that verification leads to consequences Natural Language Detection: "A compliance infrastructure without enforcement mechanisms cannot ensure breach costs exceed benefits. Please define how violations will be detected and addressed." Response: CLARIFY ``` ### 4.4 Missing Foundation Pattern ``` Pattern: Infrastructure lacks basic systems and personnel Detection Rule: - Verify 'has_basic_systems' is true - Check 'has_oversight_personnel' is true - Confirm systems can actually enforce rules Natural Language Detection: "Compliance infrastructure requires foundational systems and personnel to function. Please establish basic enforcement capabilities before proceeding." Response: CLARIFY ``` ## 5. Prompt Templates ### 5.1 Infrastructure Assessment Template ``` Assessing compliance infrastructure: {infrastructure_name} Core Requirements: [ ] Enforcement mechanisms exist and are operational [ ] Basic systems and personnel are in place [ ] Oversight personnel are designated [ ] Breach costs exceed benefits (economic incentive alignment) [ ] Non-oversight personnel bear minimal resource burden [ ] External partners not unduly burdened Please provide: 1. Evidence that breach costs exceed benefits 2. Description of enforcement mechanisms 3. Resource burden assessment for all stakeholder categories 4. Any mitigation measures for identified burdens ``` ### 5.2 Compliance Validation Template ``` Validating compliance infrastructure: {infrastructure_id} Cost-Benefit Analysis: - Breach Cost Estimate: {breach_cost} - Benefit Estimate: {benefit} - Cost Exceeds Benefit: {cost_exceeds_benefit} Resource Burden: - Internal Non-Oversight: {internal_burden} - External Partners: {external_burden} Validation Results: [ ] Cost-benefit requirements: {PASS|FAIL} [ ] Resource burden requirements: {PASS|FAIL} [ ] Enforcement capability: {PASS|FAIL} DECISION: {COMPLIANT|IGNORE|CLARIFY} Findings: {findings_json} ``` ## 6. JSON Example ```json { "infrastructure_id": "91ff9448-001", "infrastructure_name": "Document Processing Compliance Framework", "has_enforcement_mechanism": true, "has_basic_systems": true, "has_oversight_personnel": true, "enforcement_cost_benefit_analysis": { "breach_cost_estimate": 50000, "benefit_estimate": 30000, "cost_exceeds_benefit": true, "analysis_basis": "quantitative" }, "resource_burden_statement": { "internal_non_oversight_burden": "minimal", "external_partner_burden": "none", "burden_mitigation_measures": [ "Automated compliance checking", "Integrated workflow tools", "Clear documentation requirements" ] }, "compliance_verification_methods": [ "Automated system logs", "Periodic audits", "Exception reporting" ], "regulatory_framework_reference": "org-wide-policy-v2", "created_at": "2025-01-01T00:00:00Z", "last_updated": "2025-01-10T14:30:00Z" } ``` ## 7. Validation Rules | Field | Rule | Error Message | |-------|------|---------------| | infrastructure_name | Must not be empty | "Infrastructure name is required" | | has_enforcement_mechanism | Must be true | "Enforcement mechanism is required" | | has_basic_systems | Must be true | "Basic systems and personnel are required" | | cost_exceeds_benefit | Must be true | "Breach costs must exceed benefits" | | internal_non_oversight_burden | Must not be 'significant' | "Significant burden on non-oversight personnel is not acceptable" | | enforcement_cost_benefit_analysis | Required | "Cost-benefit analysis is required" | ## 8. Dependencies and Relationships ### 8.1 Depends On - **d0111eb4**: Expected Effect Justification - May require justification of cost-benefit claims ### 8.2 Related Skills - **6d206b54**: Hierarchical Authority - Defines oversight authority structure - **9e6bc34f**: Information Disclosure Standards - Transparency requirements for enforcement ## 9. Error Handling Behaviors | Error Type | Handling Behavior | |------------|-------------------| | Missing cost-benefit analysis | REFUSE transmission, request complete analysis | | Cost doesn't exceed benefit | REFUSE transmission, require adjustment | | Excessive resource burden | WARN and require mitigation plan | | Missing enforcement mechanism | REFUSE transmission | | Incomplete foundation | REFUSE transmission | ## 10. Changelog | Version | Date | Changes | |---------|------|---------| | 1.0.0 | 2025-01-10 | Initial release | --- **End of Skill 91ff9448**