Decision admissibility becomes infrastructure.

The thesis, in one line

Proof, not capability, is becoming the scarce resource — and whoever ships the proof layer first defines the category.

Most organizations can already tell you whether an AI system produced an output. Almost none can prove the output was decision-valid — authorized, evidence-linked, and policy-compliant — captured at the moment the decision was made. That gap is not a bug in any one model; it is missing infrastructure. It will be filled exactly once, the way TLS, code signing, and double-entry bookkeeping were each filled once. Summit's bet is that it gets filled at the knowledge-graph layer, not the model layer — a new control plane we call Cognitive Security — and that the company holding the receipt format, the verification primitive, and the early standards posture holds the category.

Everything below is the long version of that sentence: the category being created, why the window is open now, the wedge that gets us in, the moat that keeps us there, and where it goes.

01 · The category

Accountable-AI infrastructure is not a feature of governance tools. It is the layer they all sit on top of.

Explanation is not proof. Observability tells you what happened; audit logs tell you who did it. Neither tells you why the system reached this conclusion, with this evidence, under this policy, captured at decision time. The market has crowded into model safety, data security, and AI governance dashboards — all of which assume a trustworthy record underneath them and none of which produce one. That missing record is the category.

We call it decision admissibility: the standard a consequential, machine-mediated decision must meet to count as real once it is contested — reconstructable, reviewable, and independently verifiable. It borrows deliberately from the law of evidence, where four centuries of doctrine already govern which evidence is allowed to decide a question. Admissibility is a category Summit is creating, not a slice of an existing one. The adjacent market it draws budget from — AI governance — is real and growing, but admissibility sits underneath it as the control plane, not beside it as a competitor.

02 · Why now

A regulatory window and a category vacuum are arriving at the same time — and the company that ships first sets the vocabulary.

The recurring question from the buyer side — CISOs, risk officers, mission owners — is becoming concrete: when this fails, how do we know it failed, and can we prove to a regulator that we knew? Three forces are converging to make that question unavoidable now rather than later:

1. A

   Autonomy crossed from drafting into deciding

   Agentic systems now take actions, not just suggest them. The moment an AI action has consequences a regulator or counterparty can challenge, an unprovable action becomes an unpriceable liability. The risk is not that AI is wrong — it is that AI is wrong in ways the operator cannot detect and the auditor cannot reconstruct.

2. B

   Regulation is converging on runtime obligations

   The tailwinds point at exactly this requirement: the OMB federal AI governance mandate; the EU AI Act (Articles 13–15 high-risk and runtime obligations) binding August 2, 2026, with penalties to €15M / 3% of turnover; and NIST AI RMF converging with bank model-risk guidance (SR 11-7), FedRAMP, CMMC, and IC Directive 503. These regimes increasingly demand a record produced at decision time, not a narrative assembled afterward.

3. C

   No one else is shipping the runtime layer

   Cognitive Security operates at runtime — every decision, every time, signed before the output leaves the system — unlike AI governance, which operates on review cycles. The space directly below the governance dashboards is open. Categories are defined by whoever ships the primitive first and names it.

Timing risk runs the other way too: a window this clear attracts incumbents. The defense against that is in the moat section — the wedge has to convert into proprietary surface before the obvious players notice the layer exists.

03 · The wedge

The Decision Receipt is narrow enough to ship, deploy, and verify today — and load-bearing enough to pull a whole platform behind it.

A category is an argument; a wedge is a product you can buy. Summit's wedge is the Decision Receipt: every governed action ships a cryptographically signed, replayable, independently verifiable record of why the answer was allowed, revised, blocked, or escalated. It wraps any analytic output — from an LLM, an agentic system, or an existing analysis platform — and makes it admissible without replacing the thing that produced it. We do not replace the analysis; we make the analysis admissible.

Crucially, this is built, deployed, and in active pilot motion — not a model wrapper, not a UI overlay, not a research project. It is live in production at decrec.summitcognitive.ai with a public key and ledger for independent verification. The public-level proof points below are why a buyer can evaluate the claim instead of trusting it.

Engineering metrics are audit-time figures (late May to early June 2026); some have since advanced. The land-and-expand logic: the receipt is the smallest unit a regulated or mission buyer can adopt, and once decisions are issued as receipts the buyer accumulates a verifiable record they cannot easily un-adopt — the platform expands underneath the wedge.

04 · The moat

First-mover in a named category, anchored by a patent posture and an early standards position — not by a feature lead that erodes.

Feature moats erode; category, standards, and IP moats compound. Summit is building all three, in that order of durability:

1. i

   Category and vocabulary ownership

   Summit owns the language of the category — Cognitive Security, the Decision Receipt, the runtime admissibility layer — and is publishing into it continuously through the Dispatches essay series, the Warrant podcast, and the forthcoming book Admissible Reality. The company that defines the category's terms tends to set the terms of the procurement.

2. ii

   Patent posture

   The IP surface is anchored by provisional patent application No. 64/034,952, filed April 10, 2026, with the non-provisional conversion due April 10, 2027, plus a continuation and international PCT strategy funded by this round. The patent is pending, not granted. Patent-sensitive implementation detail is available under NDA only.

3. iii

   Standards capture

   Admissibility is a primitive that wants to become a standard — a receipt format and a verification primitive that other tools build against. Early federal posture (UEI, SAM.gov, CAGE assigned) and alignment to NIST AI RMF, SR 11-7, FedRAMP, CMMC, and IC Directive 503 position Summit to shape the requirement rather than chase it. A speaking slot at Web Summit, Lisbon (November 9–12, 2026) is in flight, being secured — not confirmed — as part of that posture.

4. iv

   Production proof as a switching cost

   Once decisions are issued and accumulated as signed receipts, the verifiable ledger becomes its own lock-in: a regulated buyer cannot retroactively re-prove a history it never captured. Being live and verifiable today, ahead of incumbents, is itself a defensible head start.

On incumbents: positioning versus large analysis platforms is complementary, not competitive. They build the investigator's notebook; Summit builds the notarized record beside it. The Decision Receipt wraps any analytic output and makes it replayable, auditable, and defensible — which makes Summit a layer those platforms eventually want underneath them, not a target they want to displace.

05 · Market framing

We frame the market qualitatively. Hard sizing is a diligence conversation, not a landing-page number.

Three buyer categories carry the early motion, each with a regulatory reason to need admissibility now: federal mission systems (defense and national-security work, where deterministic replay and authority binding are mission requirements); regulated enterprise (banks under SR 11-7, healthcare under HIPAA and the 21st Century Cures Act, insurers under emerging state AI-governance mandates); and design partners on the pilot motion. These are not speculative segments — they are the buyers already being told by their regulators to produce exactly the artifact Summit issues.

On sizing: the AI-governance market is the adjacent budget admissibility draws from, but admissibility is a category Summit is creating rather than a slice of governance, so a clean top-down number understates the wedge and overstates the comparability. We decline to invent a TAM here. The defensible figures — adjacent-market estimates (third-party), the serviceable wedge, and comparable framing — live in the data room. Any hard market figure on this page is marked: [[ TK — confirm with Brian ]] total addressable market sizing; [[ TK — confirm with Brian ]] serviceable obtainable share over the model horizon.

06 · Where this goes

From a receipt, to a standard, to the layer every accountable-AI deployment is required to sit on.

The progression the thesis bets on, stated as a sequence rather than a promise: (1) the Decision Receipt lands as a buyable wedge in regulated and mission buyers; (2) the receipt format and verification primitive become something other tools build against — a de facto standard for what a defensible AI decision looks like; (3) Cognitive Security becomes the assumed control plane beneath AI governance, model safety, and audit, the way certificate authorities became assumed beneath the web.

Exit framing is execution-dependent and stated as a range, not a target: acquisition by a platform or defense prime that needs the admissibility layer it does not have, or an independent path on a federal and regulated-enterprise base over a longer horizon. The data room carries the comparable framing and the milestone-linked version of this. The honest summary of the bet:

The near-term milestones that de-risk the next step — signed pilots, the multi-tenant and public-demo path, the patent conversion, and the federal motion — are detailed for qualified investors in the gated data room.